Merge pull request #1510 from elcore/patch-1
[Postfix] Default SMTP server security grade for EECDH key exchangemaster
commit
f62cae7329
|
@ -88,7 +88,7 @@ smtpd_sender_restrictions = reject_authenticated_sender_login_mismatch, permit_m
|
||||||
smtpd_soft_error_limit = 3
|
smtpd_soft_error_limit = 3
|
||||||
smtpd_tls_auth_only = yes
|
smtpd_tls_auth_only = yes
|
||||||
smtpd_tls_dh1024_param_file = /etc/ssl/mail/dhparams.pem
|
smtpd_tls_dh1024_param_file = /etc/ssl/mail/dhparams.pem
|
||||||
smtpd_tls_eecdh_grade = strong
|
smtpd_tls_eecdh_grade = auto
|
||||||
smtpd_tls_exclude_ciphers = ECDHE-RSA-RC4-SHA, RC4, aNULL, DES-CBC3-SHA, ECDHE-RSA-DES-CBC3-SHA, EDH-RSA-DES-CBC3-SHA
|
smtpd_tls_exclude_ciphers = ECDHE-RSA-RC4-SHA, RC4, aNULL, DES-CBC3-SHA, ECDHE-RSA-DES-CBC3-SHA, EDH-RSA-DES-CBC3-SHA
|
||||||
smtpd_tls_loglevel = 1
|
smtpd_tls_loglevel = 1
|
||||||
smtp_tls_mandatory_protocols = !SSLv2, !SSLv3
|
smtp_tls_mandatory_protocols = !SSLv2, !SSLv3
|
||||||
|
|
Loading…
Reference in New Issue