Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
postfix [2018/10/30 16:48] steve [Security] |
postfix [2018/10/30 16:56] steve [Security] |
||
---|---|---|---|
Line 96: | Line 96: | ||
</code> | </code> | ||
- | Postfix can define which protocols and ciphers to ignore, and set the preferred order as well. Here, ignore TLSv1 and use stronger ciphers: | + | Postfix can define which protocols and ciphers to ignore, and set the preferred order as well. Here, ignore TLSv1 and use stronger ciphers. |
+ | |||
+ | Also, if you are using OpenSSL 1.1.1 or higher, you can add TLSv1.3 to the list. | ||
<code> | <code> | ||
Line 132: | Line 134: | ||
<code> | <code> | ||
smtp_tls_exclude_ciphers = MD5, aNULL | smtp_tls_exclude_ciphers = MD5, aNULL | ||
- | smtp_tls_mandatory_exclude_ciphers = MD5, aNULL | + | smtp_tls_mandatory_exclude_ciphers = MD5, aNULL |
smtpd_tls_exclude_ciphers = MD5, aNULL | smtpd_tls_exclude_ciphers = MD5, aNULL |