Package: postfix Version: 3.4.5-1 Severity: minor File: /usr/share/postfix/main.cf.tls
In a fresh Debian 10 with postfix, I didn't recognize these options in main.cf: smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache According to postfix's documentation (http://www.postfix.org/TLS_README.html), the first option should "generally be left empty" these days (it lists some minimum versions). The second option is "highly recommended", so should stay as-is. I *think* /etc/postfix/main.cf gets them from /usr/share/postfix/main.cf.tls. Is there a good reason to leave smtpd_tls_session_cache_database in main.cf.tls? If not, please remove it. -- System Information: Debian Release: 10.0 APT prefers stable APT policy: (990, 'stable'), (500, 'unstable-debug'), (500, 'stable-debug'), (500, 'unstable'), (1, 'experimental-debug'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-5-amd64 (SMP w/8 CPU cores) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8), LANGUAGE=en_AU.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled