Disable SSLv3 an select ciphers in amavis
Markus Benning
ich at markusbenning.de
Mon Mar 23 09:07:20 CET 2015
Sorry, there was an error in the patch.
I added a few more options which may be of intrest:
+ $smtpd_tls_cipher_list = undef; # SSL_cipher_list
+ $smtpd_tls_version = undef; # SSL_version
+ $smtpd_tls_CAfile = undef; # SSL_ca_file
+ $smtpd_tls_honor_cipher_order = undef; # SSL_honor_cipher_order
+ $smtpd_dh_params_file = undef; # SSL_dh_file
+
+ $smtp_tls_cipher_list = undef; # SSL_cipher_list
+ $smtp_tls_version = undef; # SSL_version
+ $smtp_tls_CAfile = undef; # SSL_client_ca_file
For documentation of parameters see the IO::Socket::SSL man page.
On Fri, Mar 20, 2015 at 03:07:34PM +0000, Grooz, Marc (regio iT) wrote:
> Thank You! The ssl_cipher_list isn't respected by amavis especially with the smtpd. Any idear?
--
Markus Benning, https://markusbenning.de/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: amavisd-tls-params.patch
Type: text/x-diff
Size: 3720 bytes
Desc: not available
URL: <http://lists.amavis.org/pipermail/amavis-users/attachments/20150323/cab67fea/attachment.patch>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: Digital signature
URL: <http://lists.amavis.org/pipermail/amavis-users/attachments/20150323/cab67fea/attachment.sig>
More information about the amavis-users
mailing list