Re: Checking my understanding of TLS-related settings, and a possible feature request

2020-07-03 Thread Matus UHLAR - fantomas
_maps, only smtp_tls_policy_maps that instruct your outgoing smtp connections. From: owner-postfix-us...@postfix.org On Behalf Of Max-Julian Pogner Sent: Thursday, June 11, 2020 10:36 AM To: postfix-users@postfix.org Subject: Re: Checking my understanding of TLS-related settings, and a possible fe

Re: Checking my understanding of TLS-related settings, and a possible feature request

2020-07-02 Thread Viktor Dukhovni
On Thu, Jul 02, 2020 at 09:21:27PM -0400, Viktor Dukhovni wrote: > Tell your customer politely, but firmly, that you are not at liberty to > enforce TLS 1.2 inbound, as that would downgrade the security of > connections from clients that can only do TLS 1.0. However, since > you do support TLS 1.

Re: Checking my understanding of TLS-related settings, and a possible feature request

2020-07-02 Thread Nathan Ward
> On 3/07/2020, at 13:13, Jeremy Banks wrote: > > I am not confident all of our legacy apps can be configured for non-standard > ports; I would be in no way surprised if one or more of them have the classic > smtp ports hardcoded. Though, I will discuss that option with my co-workers. > > Is

Re: Checking my understanding of TLS-related settings, and a possible feature request

2020-07-02 Thread Viktor Dukhovni
On Thu, Jun 11, 2020 at 04:22:37PM +, Jeremy Banks wrote: > At my job, we use Postfix as our email setup. Recently, as part of a > security audit by one of our customers, we were told that our mail > relays must accept only TLSv1.2 when doing TLS, and not any prior > versions. Tell your custo

RE: Checking my understanding of TLS-related settings, and a possible feature request

2020-07-02 Thread Jeremy Banks
TLS-related settings, and a possible feature request Hello, well, as a quick-fix you could always start an additional smtpd service on a non-standard port (by adding an appropriate line in master.cf) and configure this additional smtpd in exception ways (by adding "-o smtpd_tls_FOO"

Re: Checking my understanding of TLS-related settings, and a possible feature request

2020-06-11 Thread Max-Julian Pogner
Hello, well, as a quick-fix you could always start an additional smtpd service on a non-standard port (by adding an appropriate line in master.cf) and configure this additional smtpd in exception ways (by adding "-o smtpd_tls_FOO" options to the additional smtpd service) example master.cf line (n

Checking my understanding of TLS-related settings, and a possible feature request

2020-06-11 Thread Jeremy Banks
Hello, At my job, we use Postfix as our email setup. Recently, as part of a security audit by one of our customers, we were told that our mail relays must accept only TLSv1.2 when doing TLS, and not any prior versions. Well, that's simple enough to address. The TLS readme[1] and the documentati