Revert "[Postfix] Default SMTP server security grade for EECDH key exchange"

This commit is contained in:
André Peters 2018-06-27 23:28:54 +02:00 committed by GitHub
parent f62cae7329
commit bca8920679
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -88,7 +88,7 @@ smtpd_sender_restrictions = reject_authenticated_sender_login_mismatch, permit_m
smtpd_soft_error_limit = 3 smtpd_soft_error_limit = 3
smtpd_tls_auth_only = yes smtpd_tls_auth_only = yes
smtpd_tls_dh1024_param_file = /etc/ssl/mail/dhparams.pem smtpd_tls_dh1024_param_file = /etc/ssl/mail/dhparams.pem
smtpd_tls_eecdh_grade = auto smtpd_tls_eecdh_grade = strong
smtpd_tls_exclude_ciphers = ECDHE-RSA-RC4-SHA, RC4, aNULL, DES-CBC3-SHA, ECDHE-RSA-DES-CBC3-SHA, EDH-RSA-DES-CBC3-SHA smtpd_tls_exclude_ciphers = ECDHE-RSA-RC4-SHA, RC4, aNULL, DES-CBC3-SHA, ECDHE-RSA-DES-CBC3-SHA, EDH-RSA-DES-CBC3-SHA
smtpd_tls_loglevel = 1 smtpd_tls_loglevel = 1
smtp_tls_mandatory_protocols = !SSLv2, !SSLv3 smtp_tls_mandatory_protocols = !SSLv2, !SSLv3