> On May 26, 2017, at 11:29 AM, Fazzina, Angelo <angelo.fazz...@uconn.edu>
> wrote:
>
> Have you considered limiting weak ciphers ?
>
> smtpd_tls_exclude_ciphers =
That layer of tweak is neither recommended nor needed. What is recommended is:
smtpd_tls_ciphers = medium
smtp_tls_ciphers = medium
these are default values in reasonably recent versions of Postfix.
As to the OP's question without a description of the requirements, it can't
be answered. His settings are fairly normal. Most of these are TLS settings,
is there perhaps confusion between "SASL" and "SSL"?
More specific questions, get more meaningful answers.
--
Viktor.
