Re: nmap says there's vulnerability with Diffie-Hellman settings

2023-01-07 Thread Sam
Hi Eero. I'm using the default settings in postfix. In fact, you can look in my settings you'll find `smtpd_tls_eecdh_grade = ultra`. That's the only DH related thing AFAIK. On 07/01/2023 1:53 PM, Eero Volotinen wrote: I think you are using insecure dh group 1? Eero la 7. tammik. 2023 klo 1

Re: nmap says there's vulnerability with Diffie-Hellman settings

2023-01-07 Thread Steffen Nurpmeso
Matus UHLAR - fantomas wrote in : ... |one |can disable aDH by adding it to smtp_tls_mandatory_exclude_ciphers. Just last week with the new lighttpd update I followed his maintainer by doing (the EDH+AESGCM is _my_ addition, blame _me_ for that, it adds four combinations): # super modern,

Re: nmap says there's vulnerability with Diffie-Hellman settings

2023-01-07 Thread Sam
Thank you, guys. I appreciate it. Have a great day. On 07/01/2023 9:23 PM, Viktor Dukhovni wrote: On Sat, Jan 07, 2023 at 12:38:06PM +0400, Sam wrote: when I run `nmap --script vuln example.com` against a server I manage, I get the following vulnerability on my server on both ports 465 and 5

Re: nmap says there's vulnerability with Diffie-Hellman settings

2023-01-07 Thread Viktor Dukhovni
On Sat, Jan 07, 2023 at 12:38:06PM +0400, Sam wrote: > when I run `nmap --script vuln example.com` against a server I manage, I > get the following vulnerability on my server on both ports 465 and 587. > The only solutions I found are for legacy systems. The "nmap" report is wasting your time.

Re: nmap says there's vulnerability with Diffie-Hellman settings

2023-01-07 Thread Matus UHLAR - fantomas
On 07.01.23 18:53, Sam wrote: Thank you for explaining. I'm sorry I'm not sure whether I understand that there's a solution or it's OK. Is there a setting that I can update in postfix to fix this? I already limited smtpd ciphers to high, with smtpd_tls_ciphers. Is there something I can do to

Re: nmap says there's vulnerability with Diffie-Hellman settings

2023-01-07 Thread Sam
Thank you for explaining. I'm sorry I'm not sure whether I understand that there's a solution or it's OK. Is there a setting that I can update in postfix to fix this? I already limited smtpd ciphers to high, with smtpd_tls_ciphers. Is there something I can do to fix this "vulnerability"? PS:

Re: nmap says there's vulnerability with Diffie-Hellman settings

2023-01-07 Thread Wietse Venema
Wietse Venema: > Sam: > > Hello everyone > > > > when I run `nmap --script vuln example.com` against a server I manage, I > > get the following vulnerability on my server on both ports 465 and 587. > > The only solutions I found are for legacy systems. > > > > > > 587/tcp open submission >

Re: nmap says there's vulnerability with Diffie-Hellman settings

2023-01-07 Thread Matus UHLAR - fantomas
Sam: when I run `nmap --script vuln example.com` against a server I manage, I get the following vulnerability on my server on both ports 465 and 587. The only solutions I found are for legacy systems. ...and those solutions are? 587/tcp open submission | ssl-dh-params: | VULNERABLE: |

Re: nmap says there's vulnerability with Diffie-Hellman settings

2023-01-07 Thread Wietse Venema
Sam: > Hello everyone > > when I run `nmap --script vuln example.com` against a server I manage, I > get the following vulnerability on my server on both ports 465 and 587. > The only solutions I found are for legacy systems. > > > 587/tcp open submission > | ssl-dh-params: > | VULNERABL

nmap says there's vulnerability with Diffie-Hellman settings

2023-01-07 Thread Sam
Hello everyone when I run `nmap --script vuln example.com` against a server I manage, I get the following vulnerability on my server on both ports 465 and 587. The only solutions I found are for legacy systems. 587/tcp   open   submission | ssl-dh-params: |   VULNERABLE: |   Anonymous Diffie