On 2023-03-18 at 09:54:15 UTC-0400 (Sat, 18 Mar 2023 14:54:15 +0100)
Gerd Hoerst via Postfix-users <g...@hoerst.net>
is rumored to have said:
Hi !
I setup my postfix for the clients to use only protocols > TLSv1
with
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1
smtpd_tls_protocols = !SSLv2,!SSLv3,!TLSv1
in main.cf
Why?
but unfortunately i have a sender (its a printer) which is not capable
for TLSv1.1 and up..
How can i manage to use TLSv1.1 and up from outside but allow TLSv1
from inside my network
What do you believe to be the risk of allowing TLSv1.0 for SMTP?
My understanding is that the marginal risks of TLSv1.0 are not relevant
to SMTP. It is also inherently counter-productive to prohibit TLSv1.0 if
you allow unencrypted SMTP as a fallback.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
