Use "smtpd_tls_ciphers = medium" for TLS security.

This commit is contained in:
Markus 2016-02-23 21:03:12 +01:00
parent cb54f03a2a
commit ec50f7afcb

View File

@ -35,11 +35,11 @@ smtpd_tls_key_file=/etc/postfix/ssl/{{ ansible_fqdn }}.key
#smtpd_tls_CAfile=TODO
smtpd_use_tls=yes
smtpd_tls_ciphers = medium
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_tls_mandatory_exclude_ciphers = aNULL, eNULL, EXPORT, DES, RC4, MD5, PSK, aECDH, EDH-DSS-DES-CBC3-SHA, EDH-RSA-DES-CDC3-SHA, KRB5-DE5, CBC3-SHA
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.