Ok thanks a lot, I think I got my setup (will maybe post the main.cf a bit later for a final comment) and will test it for a while now.
On a side note, you said that a lot depends too much on the receiver side, so would setting `tls_preempt_cipherlist` solve it? On one site it got recommended to me but I was not too sure about that option myself... > There was a discussion on this list not too long ago about > appropriate settings for exclude ciphers. I was not able to find it by looking for combinations of "exclude" and "ciphers" and similar. Do you by chance still have the title or a link to it? I'm new in the mailing list and web interface didn't help out. I would really love to understand the reasoning behind it or arguments which may have appeared. As someone interested in Security as well as someone who want to write his degree on Side-Channel-Attacks I'm kind of curious. It just somehow happened that I became a Server Admin - so I'm still learning on that part. Best Regards, Akimiya -- View this message in context: http://postfix.1071664.n5.nabble.com/What-is-a-good-and-very-secure-configuration-for-public-postfix-server-nowadays-tp76918p76987.html Sent from the Postfix Users mailing list archive at Nabble.com.
