The one place for your designs
To enable design management, you'll need to meet the requirements. If you need help, reach out to our support team for assistance.
Higher Cipher for mail service
Hello,
@Manoj form the community told me to create here an issue for that: https://community.e.foundation/t/higher-ciper-dane-for-mail-please/8356
I tested your mail service to find out which protocol you use and which cipher suites. The result you can find here: https://mecsa.jrc.ec.europa.eu/en/finderRequest/42625b68ac2493b3ae7aefaadb0dbfaf
Please get rid of the old RSA ciphers, you can use for Postfix this setup:
smtpd_use_tls = yes
smtpd_tls_security_level = may
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /path/to/signed_cert_plus_intermediates
smtpd_tls_key_file = /path/to/private_key
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
smtpd_tls_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
tls_preempt_cipherlist = noFor Dovecot this:
ssl = required
ssl_cert = </path/to/signed_cert_plus_intermediates
ssl_key = </path/to/private_key
ssl_dh = </path/to/dhparam.pem
# modern configuration
ssl_min_protocol = TLSv1.2
ssl_prefer_server_ciphers = noWhen you guys need help, let me no I work as Linux Server Administrator for years now.