[pfx] RFC 9719 PEM-files

2025-09-21 Thread A.Schulze via Postfix-users
Hello, German regulations (TR-02102-2 [1]) say, using 2048 bit Diffie-Hellman parameters is "deprecated". Not using DHE cipher suites is one option but that limits TLS communication with some sites that will fall back to plaintext then. So, I have to use 3072 bit or 4096 DH parameter. As 3072 se

[pfx] Re: "Must issue a STARTTLS command first" is fixed text

2025-09-13 Thread A.Schulze via Postfix-users
On 10.09.25 at 18:58, Wietse Venema via Postfix-users wrote: The attached backport is just code, not documentation. Thanks, Wietse! I confirm, a slightly updated version (attached) works at a first test with postfix-3.10.4 master.cf 12345 inet n - - - - smtpd -o smtpd_tls_security_l

[pfx] Re: "Must issue a STARTTLS command first" is fixed text

2025-09-10 Thread A.Schulze via Postfix-users
Hello Viktor, On 10.09.25 at 17:43, Viktor Dukhovni via Postfix-users wrote: That, despite apparently some clients caught off guard. This choice feels too aggressive to me. But, if you're willing to go out on a limb, perhaps you're also willing to deploy a Postfix development snapshot, in wh

[pfx] Re: retrying 5xx despite softbounce=no ?

2025-08-18 Thread A.Schulze via Postfix-users
On 18.08.25 at 17:41, Don Cohen via Postfix-users wrote: postconf confirms that softbounce = no but the log shows attempts to resend messages that return code 554. I want these not to be retried. Any ideas? I only know soft_bounce ...

[pfx] Re: whitelisting dmarc violators

2025-07-17 Thread A.Schulze via Postfix-users
On 17.07.25 at 13:08, Marko Cupać via Postfix-users wrote: There are some "valid" senders which seem to violate their own policies. What is the most appropriate way to selectively accept those emails? Configure OpenDMARC (!) to not reject these messages: - https://manpages.debian.org/bookw

[pfx] Re: TLSRPT: master.cf overrides are being ignored and warning logs when relaying TLS report emails generated by sys4 tlsrpt-reporter

2025-06-19 Thread A.Schulze via Postfix-users
On 19.06.25 at 11:24, Michael Webb via Postfix-users wrote: In my master.cf I have defined a dedicated listener (port 10032) to receive TLS reports from the tlsrpt-reporter package so they can be relayed without generating another TLS report (to avoid a report loop). I tried to use these 2