From 5171e61866beade1c0e16a836aa84b3d6b10b5ff Mon Sep 17 00:00:00 2001 From: Patrick Uiterwijk Date: Fri, 4 May 2018 03:04:21 +0200 Subject: [PATCH] Do not allow inbound sslv2/sslv3 Signed-off-by: Patrick Uiterwijk --- roles/base/files/postfix/main.cf/main.cf.smtp-mm | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/base/files/postfix/main.cf/main.cf.smtp-mm b/roles/base/files/postfix/main.cf/main.cf.smtp-mm index ab4668bc53..65e3cf79d9 100644 --- a/roles/base/files/postfix/main.cf/main.cf.smtp-mm +++ b/roles/base/files/postfix/main.cf/main.cf.smtp-mm @@ -705,6 +705,7 @@ message_size_limit = 20971520 smtpd_use_tls = yes smtpd_tls_security_level = may smtpd_tls_auth_only = yes +smtpd_tls_protocols = !SSLv2, !SSLv3 smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3 smtpd_tls_mandatory_ciphers = high smtpd_tls_mandatory_exclude_ciphers = aNULL, MD5, RC4