On 22 May 2015, at 07:42, Viktor Dukhovni <postfix-us...@dukhovni.org> wrote: > # Avoid obsolete protocol versions > # > smtpd_tls_protocols = !SSLv2, !SSLv3 > smtp_tls_protocols = !SSLv2, !SSLv3
Quick question. On 8 Feb 2015, you said: > Depending on who your users correspond with, you may not lose much by > disabling SSLv3, but you'll not gain anything by doing so. However, while > turning of SSLv3 (if you so choose) do not disable TLSv1.1 and TLSv1.2. > > Recommended: > > smtpd_tls_protocols = !SSLv2 > > Mostly harmless: > > smtpd_tls_protocols = !SSLv2, !SSLv3 Has your thinking on this changed with regards to !SSLv3 on smtpd since February? -- Penny! *Everything* is better with BlueTooth
