On 19/03/23 12:13, Steffen Nurpmeso via Postfix-users wrote:
|> smtpd_tls_protocols = $smtpd_tls_mandatory_protocols
|
|This will simply result in clients that can't support at least TLSv1.2
|connecting in plain text instead. So rather than having (arguably not
|so) poor encryption for those client you would rather have no encryption
|at all? This does not make any sense.
There is none. I have looked, there is only a single server of
value, and it does not even try starttls. (And he won the USENIX
Flame award.)
Assuming you are correct then you still gain nothing with this setting,
and if you are not correct then it will cause you to downgrade potential
encrypted connections to plain text. I know someone will likely argue
with me, but I can really think of no valid reason to set this.
Peter
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
