On Sat, 2025-05-24 at 19:09 +0200, Slawomir Dworaczek via Exim-users wrote:
> How to disable depracated protocols Tls 1 and tls 1.1 and enable only > strong protocols I don't know what the generally accepted config is for SMTP TLS these days, but bare in mind that a connecting MTA may decide to fall back to plain text if it can't agree a protocol/cipher with you. I'd rather have mail sent over TLS 1 than over plain text. Might be worth checking your logs first to see what protocols are in use. You might need to turn on some tls logging options first though. I have these in my log_selector: +tls_peerdn +tls_certificate_verified +tls_cipher +tls_sni. See https://www.exim.org/exim-html-current/doc/html/spec_html/ch-log_files.html -- Mike Cardwell <[email protected]> * https://www.grepular.com https://www.linkedin.com/in/mikecardwell * @grepular:matrix.org https://www.emailprivacytester.com * @[email protected] https://www.parsemail.org * @grepular.bsky.social https://hub.docker.com/u/grepular * PGP: 0DA6 8B1E 1801 A332 https://gitlab.com/grepular *
signature.asc
Description: This is a digitally signed message part
-- ## subscription configuration (requires account): ## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/ ## unsubscribe (doesn't require an account): ## [email protected] ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
