Hi, > Postfix settings are documented in postconf(5). Unless you are an SSL > expert who understands OpenSSL source code in detail, you really should > not change the default settings, and generally don't need to know what > they are.
So is it at OpenSSL compile time that the ciphers would be specified and determined whether or not to make them available to postfix? Then when postfix is built, it is able to interpret at that time how to integrate and make available the ciphers provided to it by OpenSSL? > to smtp.mydomain.com TLSv1 with cipher EDH-RSA-DES-CBC3-SHA (168/168 bits) The 168/168 is a reference to the session key, correct? Configured for tlsmgr at run-time? > The remote system or your OpenSSL library or both do not support AES. Okay, can I draw the conclusion that the cipher shown is the "strongest" available on either the remote or local system? It's not possible to figure out which ciphers are offered to TLS clients on my server? Thanks so much. Best regards, Alex
