On 17/02/17 12:46, L.P.H. van Belle wrote:
> Hai,
Hi, Louis.
> It all depends all in what you need and want.
>
> After monitoring for about a year on with or without encryption.
> I have 0 unecrypted mail servers found and a handfull of SSLv2 or V3.
> Which i simply dont allow anymore. ( T
On Fri, Feb 17, 2017 at 12:44:35PM -0300, Daniel Bareiro wrote:
Do not confuse opportunistic TLS in SMTP with browser to webserver
TLS in HTTPS. In the name of improving security such settings make
your MTA less secure. There are still many systems that can only
do TLS 1.0 and not TLS 1.1 or TLS
DH, AECDH, MD5,
DSS, ECDSA, CAMELLIA128, CAMELLIA256, 3DES
#, RSA+AES
smtpd_tls_eecdh_grade = ultra
Greetz,
Louis
> -Oorspronkelijk bericht-
> Van: domi...@timedicer.co.uk [mailto:owner-postfix-us...@postfix.org]
> Namens Dominic Raferd
> Verzonden: vrijdag 17 februari 2
On 17/02/17 11:43, Fazzina, Angelo wrote:
> Hi,
Hi, Angelo.
Thanks for your prompt reply.
> Here is how I am dealing with "weak ciphers"
> You may be able to do the same type of config ?
>
>
> In /etc/postfix/main.cf
>
>
> # -ALF 2016-09-07
> # disable RC4 ciphers with TLS connections.
> #
On 17 February 2017 at 14:43, Fazzina, Angelo wrote:
> Hi,
> Here is how I am dealing with "weak ciphers"
> You may be able to do the same type of config ?
>
>
> In /etc/postfix/main.cf
>
>
> # -ALF 2016-09-07
> # disable RC4 ciphers with TLS connections.
> #smtpd_tls_exclude_ciphers = RC4, aNULL
Hi,
Here is how I am dealing with "weak ciphers"
You may be able to do the same type of config ?
In /etc/postfix/main.cf
# -ALF 2016-09-07
# disable RC4 ciphers with TLS connections.
#smtpd_tls_exclude_ciphers = RC4, aNULL
# -ALF 2017-01-09
# disable weak ciphers, and RC4 ciphers
smtpd_tls_excl
