Hi,
First of all, I apologize for my bad english.
I use postfix-3.3.1 and openssl-1.0.2.
Actual ssl config : tlsv1.0 minimum is set for smtp and smtpd. tlsv1.2
minimum is set for submission/starttls.
My goal : All auth connections must be done with tlsv1.2 minimum. Others
connections can be done with tlsv1.0 minimum.
If I use tlsv1.2 minimum everywhere, I can't send/receive mail to/from
mail provider still using tlsv1.0 so I had to set tlsv1.0 minimum. But I
want to allow auth connections from users of my smtp/imap server with
tlsv1.2 minimum.
I already set up tlsv1.2 minimum for submission/starttls. I thought
about disable auth connection using 465 port but I don't want to force
my users to strictly use starttls.
Is there a way to allow tlsv1.0 minimum for unauth connection and allow
tlsv1.2 minimum for auth connection on port 465 ?
Have a nice day!
--
Thomas Bourdon
