Postfix ssl stuff
Zur Navigation springen
Zur Suche springen
- cat /etc/postfix/main.cf
smtp_use_tls = yes smtp_tls_note_starttls_offer = yes smtp_tls_mandatory_protocols = !SSLv2, !SSLv3 , !TLSv1 , !TLSv1.1 smtp_tls_protocols = !SSLv2, !SSLv3 , !TLSv1 , !TLSv1.1 lmtp_tls_mandatory_protocols = !SSLv2, !SSLv3 , !TLSv1 , !TLSv1.1 lmtp_tls_protocols = !SSLv2, !SSLv3 , !TLSv1 , !TLSv1.1 smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3 , !TLSv1 , !TLSv1.1 smtpd_tls_protocols = !SSLv2, !SSLv3 , !TLSv1 , !TLSv1.1 smtpd_tls_mandatory_ciphers=high tls_high_cipherlist=EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA256:EECDH:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!IDEA:!ECDSA:kEDH:CAMELLIA128-SHA:AES128-SHA disable_vrfy_command=yes smtpd_tls_dh1024_param_file = /etc/ssl/certs/dhparam.pem