diff -dur ejabberd-13.10.orig/deps/p1_tls/c_src/p1_tls_drv.c ejabberd-13.10/deps/p1_tls/c_src/p1_tls_drv.c
--- ejabberd-13.10.orig/deps/p1_tls/c_src/p1_tls_drv.c	2013-07-17 13:50:12.000000000 +0200
+++ ejabberd-13.10/deps/p1_tls/c_src/p1_tls_drv.c	2013-11-16 15:29:02.705022418 +0100
@@ -44,7 +44,7 @@
 #define SSL_OP_NO_TICKET 0
 #endif
 
-#define CIPHERS "DEFAULT:!EXPORT:!LOW:!SSLv2"
+#define CIPHERS "DEFAULT:!EXPORT:!LOW:!SSLv2:!3DES"
 
 /*
  * R15B changed several driver callbacks to use ErlDrvSizeT and
@@ -490,11 +490,11 @@
 	 SSL_set_bio(d->ssl, d->bio_read, d->bio_write);
 
 	 if (command == SET_CERTIFICATE_FILE_ACCEPT) {
-	    SSL_set_options(d->ssl, SSL_OP_NO_SSLv2|SSL_OP_NO_TICKET|SSL_OP_ALL);
+	    SSL_set_options(d->ssl, SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3|SSL_OP_NO_TICKET|SSL_OP_ALL);
 
 	    SSL_set_accept_state(d->ssl);
 	 } else {
-	    SSL_set_options(d->ssl, SSL_OP_NO_SSLv2|SSL_OP_NO_TICKET);
+	    SSL_set_options(d->ssl, SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3|SSL_OP_NO_TICKET);
 	    SSL_set_connect_state(d->ssl);
 	 }
 	 break;