On Sun, May 24, 2015 at 06:38:50AM -0400, Postfix User wrote:
> > smtpd_tls_protocols = !SSLv2, !SSLv3
> > smtp_tls_protocols = !SSLv2, !SSLv3
>
> Wouldn't the following be more secure:
>
> smtpd_tls_protocols=!SSLv2, !SSLv3, !TLSv1, !TLSv1.1
> smtpd_tls_protocols=!SSLv2, !SSLv3, !TLSv1, !TLSv1.1
No, these are less secure. Bleeding edge security settings mean
more email sent in the clear, or not delivered at all.
> I thought I saw that listed on this forum earlier this year.
Don't believe all the nonsense posted on the Internet.
--
Viktor.
