Gerd Hoerst via Postfix-users skrev den 2023-03-18 14:54:
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1 smtpd_tls_protocols = !SSLv2,!SSLv3,!TLSv1 in main.cf
in main.cf put a # in this lines, so its default from postconf -d
but unfortunately i have a sender (its a printer) which is not capable for TLSv1.1 and up..
add in master.cf -o smtpd_tls_mandatory_protocols=!SSLv2,!SSLv3,!TLSv1 -o smtpd_tls_protocols=!SSLv2,!SSLv3,!TLSv1 so only port 465, 587 have this, but you should keep defaults this will do what you want, but imho why not keep all tls for all ?
How can i manage to use TLSv1.1 and up from outside but allow TLSv1 from inside my network
tlsv1 is less weak then tlsv1.1 others will comment now I am sure :) _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
