On 11 Nov 2016, at 14:31, li...@lazygranch.com wrote:
On Fri, 11 Nov 2016 09:54:48 -0500
"Bill Cole" wrote:
[big snip...]
The bottom line (if you've made it this far...) is that the settings
that involve deep encryption parameters in modern Postfix are best
left at their default values unle
On Sat, 12 Nov 2016 15:29:54 -0500
"Bill Cole" wrote:
> On 11 Nov 2016, at 14:31, li...@lazygranch.com wrote:
>
> > On Fri, 11 Nov 2016 09:54:48 -0500
> > "Bill Cole" wrote:
>
> [big snip...]
>
> >> The bottom line (if you've made it this far...) is that the
> >> settings that involve deep
On 12 Nov 2016, at 18:59, li...@lazygranch.com wrote:
# postconf tls_high_cipherlist
tls_high_cipherlist = aNULL:-aNULL:HIGH:@STRENGTH
verified
Assuming the default "high" setting is sufficient, why wouldn't I
change
this parameter to high rather than medium.
postconf smtpd_tls_mandatory_cip
On Sun, 13 Nov 2016 01:43:17 -0500
"Bill Cole" wrote:
> If the NSA/GCHQ capturing all of your SMTP traffic and saving it for
> hypothetical future decryption is a realistic and significant
> scenario in your threat model, you should reconsider your use of
> email.
>
I'm in the USA and getting
On 13.11.2016 07:55, li...@lazygranch.com wrote:
> On Sun, 13 Nov 2016 01:43:17 -0500
> "Bill Cole" wrote:
> >
>> If the NSA/GCHQ capturing all of your SMTP traffic and saving it for
>> hypothetical future decryption is a realistic and significant
>> scenario in your threat model, you should rec
