Very nicely done, thanks for the patch! I'll get this added to the codebase.
-- Sam Clippinger On 7/14/10 1:32 AM, Chris Boulton wrote: > Hi, > > We're rolling out spamdyke across our Qmail servers, and for PCI > compliance we need to ensure that no low/weak ciphers are being used > for TLS/SSL communication. I noticed spamdyke doesn't have a way to > configure the available ciphers, so I've built it in. > > Patch attached will apply against 1.4.10 and introduces a new > configuration option "tls-cipher-list", which will default to > "DEFAULT". A list of supported ciphers can be found by running > `openssl ciphers`, and it's just a matter of specifying the allowable > ciphers as you would in a TLS patched Qmail: > > tls-cipher-list=ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:!SSLv2:RC4+RSA:+HIGH:-MEDIUM > > Would love to see this pushed back to spamdyke, as I'm sure it's > something a lot of people would have a good use for. > > Regards, > > Chris Boulton > Lead Engineer > BigCommerce / Interspire > > Email: [email protected] > Web: http://www.bigcommerce.com > Web: http://www.interspire.com > > Australia: +61 2 9262 7770 > USA: 1800 939 5570 > > > > _______________________________________________ > spamdyke-users mailing list > [email protected] > http://www.spamdyke.org/mailman/listinfo/spamdyke-users > _______________________________________________ spamdyke-users mailing list [email protected] http://www.spamdyke.org/mailman/listinfo/spamdyke-users
