Hello all I have opportunistic TLS (offering STARTLS) configured in my main.cf file. I have been tasked to disable SSLv2 and SSLv3 as well as disable medium strength ciphers (to use high strength ones instead) in my postfix server. If I was to add the following to my main.cf:
smtpd_tls_mandatory_protocols=!SSLv2,!SSLv3 smtp_tls_mandatory_protocols=!SSLv2,!SSLv3 smtpd_tls_protocols=!SSLv2,!SSLv3 smtp_tls_protocols=!SSLv2,!SSLv3 will this be enough to disable medium strength ciphers as well as disable SSLv2/v3? Or will I need more? Also would this configuration cause any issues with the opportunistic TLS configuration that I already have set up in my main.cf? All help is greatly appreciated! Thanks! Sean
