At Esendex, the security of your data is important to us. With this in mind, we’re writing to make you aware of what Esendex is doing to address the “Poodle SSLv3” security vulnerability you may have heard about in the news.
What’s the issue?
The Open SSL Team and Google recently reported a vulnerability with the SSLv3 (Secure Socket Layer version 3), one of the older standards used for secure communications by internet browsers and web servers.
This vulnerability may allow network attackers to intercept content transmitted in SSLv3 secure connections, which could include those you use to communicate with Esendex.
What are Esendex doing about it?
To protect our customers we will be permanently removing support for SSLv3 across all of our services from Wednesday 5th November.
Will this affect me?
We expect that the vast majority of our customers will not be affected but this depends on what Esendex services you use and how you’re accessing them.
If you are using an older internet browser such as Internet Explorer 6 or older, your browser may be unable to support the newer security protocol. If this is the case you must upgrade to a newer internet browser to continue using Echo.
You can find out what browser you’re using and how to upgrade here: http://whatbrowser.org/
In most cases, your API service will continue to function securely with no changes required on your part. Connections made to Esendex’s API using our .Net, Java, PHP and Ruby SDKs will continue to work. If you are connecting directly or using one of our older SDKs please ensure that your software is capable of supporting Transport Layer Security (TLS) when SSLv3 is unavailable.
If you are using Windows Server 2003, Windows XP or older, you may need to apply a service pack to add TLS support to Windows and then manually enable it.
You can find out how to enable TLS on older versions of Windows here: http://blogs.msdn.com/b/kaushal/archive/2011/10/02/support-for-ssl-tls-protocols-on-windows.aspx
If you experience any issues or have any questions, please do not hesitate to contact us at firstname.lastname@example.org.