I've been using imap with openssl happily for about 15 years.

Recently it stopped working with a very well-known mail host.  A friend who
is usually on top of these things tells me that there is a vulnerability
named "poodle" when using the -ssl3 option of openssl s_client and one
should now have at the top of the list
imap-ssl-program (in imap.el) the following:

         "openssl s_client -quiet -tls1 -connect %s:%p"

He hastens to point out that the option -tls1 does not mean that one is
using tls rather than ssl -- a statement that means little to me.

Meanwhile, without the latest imap.el one can patch this easily enough in
.gnus by cons-ing the new string into imap-ssl-program AFTER manually
loading imap.

-- 
William F Hammond
Email: gellmu@gmail.com
https://www.facebook.com/william.f.hammond
http://www.albany.edu/~hammond