SSL security updated

Due to a recently discovered SSL man-in-the-middle flaw, I’ve upgraded our web, IMAP and POP proxy servers to disable SSL renegotiation.

At the same time, I’ve disabled SSLv2 protocol (it’s been deprecated 1996) and disabled all “LOW” and “EXPORT” ciphers.

In theory, there should be no user visible changes, but some very, very old email clients or browsers may experience problems. Unfortunately in those cases, people are either going to have to use non-SSL access, or upgrade their email client/browser to a newer version.

Posted in News, Technical. Comments Off
Follow

Get every new post delivered to your Inbox.

Join 5,467 other followers

%d bloggers like this: