[stunnel-users] Exchange Online - SSLv3 and Sophos UTM 120 firewall update
shogan at mila.ie
Fri Oct 31 11:56:43 CET 2014
Thanks for making that a lot clearer!
You remind me of my college days (and nights!) when referring to finite state machines - I have a very good working knowledge of these as well! ;)
That's very good news... so I presume the line:
2014.10.28 14:35??:55 LOG6: Negotiated TLSv1 ciphersuite ECDHE-RSA-AES256-SHA (256-bit encryption)
... is the confirmation that the TLS protocol is being used?
(Apologies for my delayed response - I was out of the office yesterday.)
From: stunnel-users <stunnel-users-bounces at stunnel.org> on behalf of Michal Trojnara <Michal.Trojnara at mirt.net>
Sent: 29 October 2014 16:14
To: stunnel-users at stunnel.org
Subject: Re: [stunnel-users] Exchange Online - SSLv3 and Sophos UTM 120 firewall update
-----BEGIN PGP SIGNED MESSAGE-----
Stephen Hogan wrote:
> 2014.10.28 14:35:55 LOG7: SSL state (connect): SSLv3 write
> client hello A
> I have a basic (shaky) understanding that the "handshake" for TLS
> does downgrade to SSLv3 if newer versions of TLS fail, but I am
> wondering if I apply the update recommended on the firewall, will
> this cut the communication for the SMTP relay, the way I am using
The debug messages produced by stunnel can sometimes be confusing.
They are intended to be helpful to developers, and not end-users.
OpenSSL implements the SSL/TLS/DTLS protocols with three separate
finite state machines: SSLv2, SSLv3, and DTLS1.
All TLS protocols use the SSLv3 state machine, thus the state name
does not reflect the actual protocol being negotiated.
See the source for details:
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
-----END PGP SIGNATURE-----
stunnel-users mailing list
stunnel-users at stunnel.org
This email has been scanned by the Symantec Email Security.cloud service.
For more information please visit http://www.symanteccloud.com
[Mila Logo] Stephen Hogan | System Administrator | Mila Limited
Kilbarrack Industrial Estate, Kilbarrack, Dublin 5, IRELAND
Tel: +353 (0)1 839 0402 | Fax: +353 (0)1 839 0589
Email: shogan at mila.ie | Web: www.mila.ie
Company Reg. No. 143406. Registered address: 24/26 City Quay, Dublin 2, Ireland.
DISCLAIMER: This email and any files transmitted with it are confidential and intended solely for the attention and use of the individual or entity to whom they are addressed. No copyright or other intellectual rights to any material attached to this email, either inline or as an attachment are transferred to the recipient unless explicitly stated. If you have received this email in error please reply to inform us accordingly, prior to deleting the message.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the stunnel-users