From 8d5f91bf986524a87faec7af453b4bd281b4bd5f Mon Sep 17 00:00:00 2001 From: link2xt Date: Fri, 26 Jan 2024 19:42:18 +0000 Subject: [PATCH] postfix: use new syntax for TLS version --- cmdeploy/src/cmdeploy/postfix/main.cf.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cmdeploy/src/cmdeploy/postfix/main.cf.j2 b/cmdeploy/src/cmdeploy/postfix/main.cf.j2 index 2864ff31..690cc661 100644 --- a/cmdeploy/src/cmdeploy/postfix/main.cf.j2 +++ b/cmdeploy/src/cmdeploy/postfix/main.cf.j2 @@ -23,7 +23,7 @@ smtp_tls_CApath=/etc/ssl/certs smtp_tls_security_level=may smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtp_tls_policy_maps = socketmap:inet:127.0.0.1:8461:postfix -smtpd_tls_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1 +smtpd_tls_protocols = >=TLSv1.2 smtpd_tls_exclude_ciphers = ECDHE-RSA-RC4-SHA, RC4, aNULL, DES-CBC3-SHA, ECDHE-RSA-DES-CBC3-SHA, EDH-RSA-DES-CBC3-SHA smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination