Fixed, we are also looking for what reason the TinyMCE do this strange things.
Thank you for your feedback metux!
Fixing the POODLE (SSLv3) vulnerability (ZCS 7.x, ZCS 8.0.x, ZCS 8.x)
- jorgedlcruz
- Zimbra Alumni
- Posts: 2782
- Joined: Thu May 22, 2014 4:47 pm
Fixing the POODLE (SSLv3) vulnerability (ZCS 7.x, ZCS 8.0.x, ZCS 8.x)
Interesting that we need the proxy for better SSL security.
hmm, why not completely offloading all the SSL handling (and probably other security stuff) to the proxy and so make mailbox a bit thinner ?
hmm, why not completely offloading all the SSL handling (and probably other security stuff) to the proxy and so make mailbox a bit thinner ?
-
- Advanced member
- Posts: 68
- Joined: Sat Sep 13, 2014 2:14 am
Fixing the POODLE (SSLv3) vulnerability (ZCS 7.x, ZCS 8.0.x, ZCS 8.x)
PSA: See https://wiki.zimbra.com/wiki/Security/Collab/86#MTA where there's some commentary on additional steps for 8.6. Specifically, these changes should be made as well:
postconf -e lmtp_tls_mandatory_protocols='!SSLv2, !SSLv3'
postconf -e smtp_tls_mandatory_protocols='!SSLv2, !SSLv3'
postconf -e smtpd_tls_mandatory_protocols='!SSLv2, !SSLv3'
postconf -e lmtp_tls_mandatory_protocols='!SSLv2, !SSLv3'
postconf -e smtp_tls_mandatory_protocols='!SSLv2, !SSLv3'
postconf -e smtpd_tls_mandatory_protocols='!SSLv2, !SSLv3'