On Thu, Aug 20, 2020 at 01:33:16AM +1000, Nikolai Lusan wrote:
> Personally I have:
>
> smtp_tls_security_level = may
> smtpd_tls_security_level = may
> smtp_tls_note_starttls_offer = yes
The last one one is redundant, unless you also have a policy table with
security level set to "none" for
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On Tue, 2020-08-18 at 06:42 -0600, @lbutlr wrote:
>
> smtp_tls_exclude_ciphers = MD5, aDSS, kECDH, kDH, SEED, IDEA, RC2,
> RC5
> smtp_tls_loglevel = 1
FWIW it is worth periodically reviewing the documentation for openssl
and the ciphers it offers
Em 18/08/2020 09:42, @lbutlr escreveu:
The specific info on this can be found on
http://www.postfix.org/TLS_README.html#client_tls_policy which says,
specifically:
#v+
A small fraction of servers offer STARTTLS but the negotiation consistently
fails. As long as encryption is not mandatory,
On 18 Aug 2020, at 04:51, Dominic Raferd wrote:
> On Tue, 18 Aug 2020 at 11:29, Leonardo Rodrigues
> wrote:
>>
>> Question: is there some parameter to allow smtp daemons to,
>> somehow, fallback to non-TLS deliveries after, for example, N number of
>> delivery tries or N seconds, for
Em 18/08/2020 07:51, Dominic Raferd escreveu:
Question: is there some parameter to allow smtp daemons to,
somehow, fallback to non-TLS deliveries after, for example, N number of
delivery tries or N seconds, for example? I have already searched on
TLS_README.html but couldn't find anything
On Tue, 18 Aug 2020 at 11:29, Leonardo Rodrigues
wrote:
>
>
> Hello Everyone,
>
> Trying to enable smtp_tls_* on my server for allowing emails
> delivery to the world using TLS (not smtpd_tls_*, those are working just
> fine for years).
>
> While i could get it working fine, i'm
Hello Everyone,
Trying to enable smtp_tls_* on my server for allowing emails
delivery to the world using TLS (not smtpd_tls_*, those are working just
fine for years).
While i could get it working fine, i'm afraid that some wrongly
configured servers, that offers TLS but have