Hello,
in according to this scanner, last version of mail enable 9.0.4 professional is vulnerable: https://drownattack.com/#check
What we have to do in order to put mail enable in secure and disabling SSLv2 support ?
Waiting for your reply
Regards
SSL Drown vulnerable
-
MailEnable-Ian
- Site Admin
- Posts: 9738
- Joined: Mon Mar 22, 2004 4:44 am
- Location: Melbourne, Victoria, Australia
Re: SSL Drown vulnerable
HI,
MailEnable uses the Windows cryptographic API to do the SSL setup/configuration, so you would need to disable SSLv2 on the server. There are a few articles on the web on how to disable this, for example:
http://www.hosting.com/support/pci-secu ... 2008-64bit
MailEnable uses the Windows cryptographic API to do the SSL setup/configuration, so you would need to disable SSLv2 on the server. There are a few articles on the web on how to disable this, for example:
http://www.hosting.com/support/pci-secu ... 2008-64bit
Regards,
Ian Margarone
MailEnable Support
Ian Margarone
MailEnable Support
