On 07.01.23 18:53, Sam wrote:
Thank you for explaining. I'm sorry I'm not sure whether I understand
that there's a solution or it's OK. Is there a setting that I can
update in postfix to fix this? I already limited smtpd ciphers to
high, with smtpd_tls_ciphers.
Is there something I can do to fix this "vulnerability"?
PS: Matus asked about the "outdated" solution, here it's: https://www.clearos.com/clearfoundation/social/community/did-an-external-nmap-script-vuln-scan-and-found-a-few-issues-relating-to-ssl-fixes
use smtpd_tls_mandatory_exclude_ciphers instead of smtpd_tls_exclude_ciphers
for ports 465/587 as *_mandatory_* options apply on ports where tls is
mandatory
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Christian Science Programming: "Let God Debug It!".
