plans to no longer support two very old security systems called SSLv3 and RC4. As mentioned in Adam Langley’s announcement, these systems are no longer secure and pose a risk to those still using them:
SSLv3 has been obsolete for over 16 years and is so full of known problems that the Internet Engineering Task Force (IETF) has decided that it must no longer be used. RC4 is a 28-year-old cipher that has done remarkably well, but is now the subject of multiple attacks at security conferences. The IETF has decided that RC4 also warrants a statement that it too must no longer be used.
Because of these issues,
after June 16, 2016, we will disable both SSLv3 and RC4 support at Google’s SMTP servers and on Gmail’s web servers.
If you are still using SSLv3 or RC4: - Most organizations on Google Apps have already stopped using SSLv3 and RC4; however, if you are still on these older systems, we recommend reviewing the suggested actions in the Security Blog announcement and updating to modern TLS configurations.
- Some common systems that may still be using SSLv3: inbound/outbound gateways, third-party emailers, and systems using SMTP relay.
After this change, servers sending messages via SSLv3 and RC4 will no longer be able to exchange mail with Google’s SMTP servers, and some users using older and insecure mail clients won't be able to send mail.
Launch DetailsRelease track: Launching to both Rapid release and Scheduled release
Rollout pace: Gradual rollout (potentially longer than 3 days for feature visibility)
Impact: Admins only
Action: Admin action required for domains using SSLv3 and RC4 for Gmail SMTP
More InformationDisabling SSLv3 and RC4
Note: all launches are applicable to all Google Apps editions unless otherwise notedLaunch release calendarLaunch detail categoriesGet these product update alerts by emailSubscribe to the RSS feed of these updates