Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
postfix [2018/10/30 16:48] steve [Security] |
postfix [2018/10/30 16:56] steve [Security] |
||
|---|---|---|---|
| Line 96: | Line 96: | ||
| </code> | </code> | ||
| - | Postfix can define which protocols and ciphers to ignore, and set the preferred order as well. Here, ignore TLSv1 and use stronger ciphers: | + | Postfix can define which protocols and ciphers to ignore, and set the preferred order as well. Here, ignore TLSv1 and use stronger ciphers. |
| + | |||
| + | Also, if you are using OpenSSL 1.1.1 or higher, you can add TLSv1.3 to the list. | ||
| <code> | <code> | ||
| Line 132: | Line 134: | ||
| <code> | <code> | ||
| smtp_tls_exclude_ciphers = MD5, aNULL | smtp_tls_exclude_ciphers = MD5, aNULL | ||
| - | smtp_tls_mandatory_exclude_ciphers = MD5, aNULL | + | smtp_tls_mandatory_exclude_ciphers = MD5, aNULL |
| smtpd_tls_exclude_ciphers = MD5, aNULL | smtpd_tls_exclude_ciphers = MD5, aNULL | ||
