From c386dfc11d6911e10bd0c05a96267705425bfbb4 Mon Sep 17 00:00:00 2001
From: elcore <eldinhadzic@protonmail.com>
Date: Wed, 27 Jun 2018 03:39:54 +0200
Subject: [PATCH] [Postfix] Default SMTP server security grade for EECDH key
 exchange

---
 data/conf/postfix/main.cf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/data/conf/postfix/main.cf b/data/conf/postfix/main.cf
index 9ce7dcde..dc49e75e 100644
--- a/data/conf/postfix/main.cf
+++ b/data/conf/postfix/main.cf
@@ -88,7 +88,7 @@ smtpd_sender_restrictions = reject_authenticated_sender_login_mismatch, permit_m
 smtpd_soft_error_limit = 3
 smtpd_tls_auth_only = yes
 smtpd_tls_dh1024_param_file = /etc/ssl/mail/dhparams.pem
-smtpd_tls_eecdh_grade = strong
+smtpd_tls_eecdh_grade = auto
 smtpd_tls_exclude_ciphers = ECDHE-RSA-RC4-SHA, RC4, aNULL, DES-CBC3-SHA, ECDHE-RSA-DES-CBC3-SHA, EDH-RSA-DES-CBC3-SHA
 smtpd_tls_loglevel = 1
 smtp_tls_mandatory_protocols = !SSLv2, !SSLv3