[stunnel-users] Disable support for insecure SSLv2 protocol but allow for ONE service

Ben Stover bxstover at yahoo.co.uk
Tue Oct 15 22:21:08 CEST 2013


When I try to connect to one of my mailboxes I get a return:

SSL_connect: 1408F10B: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
Connection reset: 0 byte(s) sent to SSL, 0 byte(s) sent to socket

What does that mean?

in stunnel.conf I set the global parameter:

options = NO_SSLv2

This works in general. But for the mentioned email provider it could mean that he allows only SSLv2.
Is this the reason?

Where is described what is inscure at SSLv2?

How can I allow for that particular email provider SSLv2 but disallow for all others?

Ben





More information about the stunnel-users mailing list