comments on extra lines

This commit is contained in:
Robin Raymond 2017-09-20 09:26:42 +02:00
parent 50350349b1
commit 875db33579

View file

@ -82,14 +82,19 @@ in
smtpd_sasl_path = private/auth smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes smtpd_sasl_auth_enable = yes
smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
# TLS settings, inspired by https://github.com/jeaye/nix-files # TLS settings, inspired by https://github.com/jeaye/nix-files
smtpd_tls_security_level = may # Submission by mail clients is handled in submissionOptions # Submission by mail clients is handled in submissionOptions
smtpd_tls_eecdh_grade = ultra # strong might suffice and is computationally less expensive smtpd_tls_security_level = may
smtpd_tls_protocols = !SSLv2, !SSLv3 # Disable predecessors to TLS # strong might suffice and is computationally less expensive
smtpd_tls_auth_only = yes # Allowing AUTH on a non encrypted connection poses a security risk smtpd_tls_eecdh_grade = ultra
smtpd_tls_loglevel = 1 # Log only a summary message on TLS handshake completion # Disable predecessors to TLS
smtpd_tls_protocols = !SSLv2, !SSLv3
# Allowing AUTH on a non encrypted connection poses a security risk
smtpd_tls_auth_only = yes
# Log only a summary message on TLS handshake completion
smtpd_tls_loglevel = 1
# Disable weak ciphers as reported by https://ssl-tools.net # Disable weak ciphers as reported by https://ssl-tools.net
# https://serverfault.com/questions/744168/how-to-disable-rc4-on-postfix # https://serverfault.com/questions/744168/how-to-disable-rc4-on-postfix
smtpd_tls_exclude_ciphers = RC4, aNULL smtpd_tls_exclude_ciphers = RC4, aNULL