_maps, only smtp_tls_policy_maps that
instruct your outgoing smtp connections.
From: owner-postfix-us...@postfix.org On Behalf Of Max-Julian Pogner
Sent: Thursday, June 11, 2020 10:36 AM
To: postfix-users@postfix.org
Subject: Re: Checking my understanding of TLS-related settings, and a possible
fe
On Thu, Jul 02, 2020 at 09:21:27PM -0400, Viktor Dukhovni wrote:
> Tell your customer politely, but firmly, that you are not at liberty to
> enforce TLS 1.2 inbound, as that would downgrade the security of
> connections from clients that can only do TLS 1.0. However, since
> you do support TLS 1.
> On 3/07/2020, at 13:13, Jeremy Banks wrote:
>
> I am not confident all of our legacy apps can be configured for non-standard
> ports; I would be in no way surprised if one or more of them have the classic
> smtp ports hardcoded. Though, I will discuss that option with my co-workers.
>
> Is
On Thu, Jun 11, 2020 at 04:22:37PM +, Jeremy Banks wrote:
> At my job, we use Postfix as our email setup. Recently, as part of a
> security audit by one of our customers, we were told that our mail
> relays must accept only TLSv1.2 when doing TLS, and not any prior
> versions.
Tell your custo
TLS-related settings, and a possible
feature request
Hello,
well, as a quick-fix you could always start an additional smtpd service on a
non-standard port (by adding an appropriate line in master.cf) and configure
this additional smtpd in exception ways (by adding "-o smtpd_tls_FOO&quo
Hello,
well, as a quick-fix you could always start an additional smtpd service
on a non-standard port (by adding an appropriate line in master.cf) and
configure this additional smtpd in exception ways (by adding "-o
smtpd_tls_FOO" options to the additional smtpd service)
example master.cf line (n
