bundles/postfix: set tls ciphers to medium to increase compatibility with centos

This commit is contained in:
Franzi 2022-11-04 07:05:33 +01:00
parent 1bed137116
commit 3db6078d9b
Signed by: kunsi
GPG key ID: 12E3D2136B818350

View file

@ -33,7 +33,7 @@ smtp_tls_security_level = dane
smtp_dns_support_level = dnssec smtp_dns_support_level = dnssec
smtp_tls_mandatory_protocols = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1 smtp_tls_mandatory_protocols = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1
smtp_tls_protocols = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1 smtp_tls_protocols = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1
smtp_tls_ciphers = high smtp_tls_ciphers = medium
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
</%text> </%text>
@ -53,7 +53,7 @@ smtpd_tls_mandatory_ciphers = high
smtpd_tls_exclude_ciphers = aNULL,LOW,EXP,MEDIUM,ADH,AECDH,MD5,DSS,ECDSA,CAMELLIA128,3DES,CAMELLIA256,RSA+AES,eNULL smtpd_tls_exclude_ciphers = aNULL,LOW,EXP,MEDIUM,ADH,AECDH,MD5,DSS,ECDSA,CAMELLIA128,3DES,CAMELLIA256,RSA+AES,eNULL
smtpd_tls_mandatory_protocols = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1 smtpd_tls_mandatory_protocols = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1
smtpd_tls_protocols = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1 smtpd_tls_protocols = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1
smtpd_tls_ciphers = high smtpd_tls_ciphers = medium
smtpd_tls_auth_only = yes smtpd_tls_auth_only = yes
</%text> </%text>