Re: is it possible to change the openssl security level?

2021-09-23 Thread David Mandelberg
s: Viktor is correct that this whole thing is a really bad idea for interoperability. I don't recommend this workaround in general, I just think it'll work for what I'm trying to do, which is probably not a typical use case. On 23-09-2021 at 22:49, David Mandelberg wrote: Op

Re: is it possible to change the openssl security level?

2021-09-23 Thread David Mandelberg
On 23-09-2021 at 22:26, Viktor Dukhovni wrote: On Thu, Sep 23, 2021 at 10:02:26PM -0400, David Mandelberg wrote: With the settings below, postfix 3.5.6 and openssl 1.1.1k successfully connected to a server with a 2048-bit RSA key, which should be disallowed by openssl's security le

is it possible to change the openssl security level?

2021-09-23 Thread David Mandelberg
Hi, With the settings below, postfix 3.5.6 and openssl 1.1.1k successfully connected to a server with a 2048-bit RSA key, which should be disallowed by openssl's security level 4. tls_high_cipherlist = DEFAULT:!eNULL:!aNULL:@SECLEVEL=4:@STRENGTH smtp_tls_mandatory_ciphers = high When I use o

Re: [Patch] lmtp_tls_wrappermode documentation

2021-09-23 Thread David Mandelberg
Thank you! On 23-09-2021 at 13:44, Viktor Dukhovni wrote: On Thu, Sep 23, 2021 at 01:19:57PM -0400, David Mandelberg wrote: Is lmtp_tls_wrappermode safe to use even though it's not documented? Yes, it is safe to use. The SMTP and LMTP client code Postfix is largely a single code base

lmtp_tls_wrappermode

2021-09-23 Thread David Mandelberg
Hi, I was looking for a way to use implicit TLS with LMTP, similar to `smtp_tls_wrappermode = yes`. I don't see any mention of lmtp_tls_wrappermode in http://www.postfix.org/postconf.5.html but https://github.com/vdukhovni/postfix/blob/f246147ec54bb2b79ac84522d1d1a6c2b1664bd6/postfix/src/globa