Update postfix TLS settings.

This commit is contained in:
Markus 2016-04-07 00:01:54 +02:00
parent 1d2836001e
commit ffdfa8f08b

View File

@ -28,20 +28,19 @@ alias_database = hash:/etc/aliases
relayhost = relayhost =
# TLS parameters # TLS parameters
smtp_use_tls = yes smtp_tls_security_level = may
smtp_tls_loglevel = 2 smtp_tls_loglevel = 1
smtpd_tls_cert_file=/etc/postfix/ssl/{{ mail_server }}.crt smtpd_tls_cert_file=/etc/postfix/ssl/{{ mail_server }}.crt
smtpd_tls_key_file=/etc/postfix/ssl/{{ mail_server }}.key smtpd_tls_key_file=/etc/postfix/ssl/{{ mail_server }}.key
smtpd_tls_CAfile=/etc/acme/lets-encrypt-x3-cross-signed.pem smtpd_tls_CAfile=/etc/acme/lets-encrypt-x3-cross-signed.pem
smtpd_use_tls=yes
smtpd_tls_security_level = may smtpd_tls_security_level = may
smtpd_tls_auth_only = yes smtpd_tls_auth_only = yes
smtpd_tls_ciphers = medium smtpd_tls_ciphers = medium
smtpd_tls_received_header = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client. # information on enabling SSL in the smtp client.