Require TLSv1.2 for submission
This commit is contained in:
parent
b1ce5b3e84
commit
08ddca07c8
GPG key ID:
C19B924C0CD13341
1 changed files with 3 additions and 0 deletions
|
|
@ -19,6 +19,9 @@ submission inet n - y - - smtpd
|
||||||
-o smtpd_tls_security_level=encrypt
|
-o smtpd_tls_security_level=encrypt
|
||||||
-o smtpd_tls_cert_file=$mua_tls_cert_file
|
-o smtpd_tls_cert_file=$mua_tls_cert_file
|
||||||
-o smtpd_tls_key_file=$mua_tls_key_file
|
-o smtpd_tls_key_file=$mua_tls_key_file
|
||||||
|
-o smtpd_tls_mandatory_protocols=>=TLSv1.2
|
||||||
|
-o smtpd_tls_mandatory_ciphers=high
|
||||||
|
-o tls_high_cipherlist=ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
|
||||||
-o syslog_name=postfix/submission
|
-o syslog_name=postfix/submission
|
||||||
-o smtpd_sasl_auth_enable=yes
|
-o smtpd_sasl_auth_enable=yes
|
||||||
-o smtpd_reject_unlisted_recipient=no
|
-o smtpd_reject_unlisted_recipient=no
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue