Merge branch 'crypto' into 'master'
postfix: allow client to select the preferred cipher See merge request simple-nixos-mailserver/nixos-mailserver!412
This commit is contained in:
commit
54cb3e5784
1 changed files with 3 additions and 1 deletions
|
@ -287,10 +287,12 @@ in
|
|||
smtp_tls_mandatory_exclude_ciphers = "MD5, DES, ADH, RC4, PSD, SRP, 3DES, eNULL, aNULL";
|
||||
smtp_tls_exclude_ciphers = "MD5, DES, ADH, RC4, PSD, SRP, 3DES, eNULL, aNULL";
|
||||
|
||||
tls_preempt_cipherlist = true;
|
||||
# As long as all cipher suites are considered safe, let the client use its preferred cipher
|
||||
tls_preempt_cipherlist = false;
|
||||
|
||||
# Allowing AUTH on a non encrypted connection poses a security risk
|
||||
smtpd_tls_auth_only = true;
|
||||
|
||||
# Log only a summary message on TLS handshake completion
|
||||
smtp_tls_loglevel = "1";
|
||||
smtpd_tls_loglevel = "1";
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue