install/mailsystem
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

install_postfix_advanced.sh: exclude TLSv1 for smtp server and TLSv1 and TLSv1.1 for smtp client.

Browse Source
This commit is contained in:
Christoph
2023-11-13 09:25:54 +01:00
parent 190b0d0fcb
commit 0bde654616
1 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
install_postfix_advanced.sh
View File

@@ -1828,22 +1828,22 @@ smtp_tls_CAfile = $_TLS_CA_FILE
# #
# List of TLS protocols that the Postfix SMTP server will exclude or # List of TLS protocols that the Postfix SMTP server will exclude or
# include with opportunistic TLS encryption. # include with opportunistic TLS encryption.
smtpd_tls_protocols = !SSLv2, !SSLv3 smtpd_tls_protocols = !SSLv2, !SSLv3, !TLSv1
# #
# The SSL/TLS protocols accepted by the Postfix SMTP server # The SSL/TLS protocols accepted by the Postfix SMTP server
# with mandatory TLS encryption. # with mandatory TLS encryption.
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3 smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1
# Disable SSLv2 SSLv3 - Postfix SMTP client # Disable SSLv2 SSLv3 - Postfix SMTP client
# #
# List of TLS protocols that the Postfix SMTP client will exclude or # List of TLS protocols that the Postfix SMTP client will exclude or
# include with opportunistic TLS encryption. # include with opportunistic TLS encryption.
smtp_tls_protocols = !SSLv2, !SSLv3 smtp_tls_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
# #
# List of SSL/TLS protocols that the Postfix SMTP client will use # List of SSL/TLS protocols that the Postfix SMTP client will use
# with mandatory TLS encryption # with mandatory TLS encryption
smtp_tls_mandatory_protocols = !SSLv2, !SSLv3 smtp_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
## - Activate des "Ephemeral Elliptic Curve Diffie-Hellman" (EECDH) key exchange ## - Activate des "Ephemeral Elliptic Curve Diffie-Hellman" (EECDH) key exchange