infrastructure/ansible
1
0
Fork 0
Code Pull requests 7 Activity Actions

smtp-mm / base / postfix: use gateway-chain cert

Browse source 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
This commit is contained in:
Kevin Fenzi 2023-06-13 16:32:54 -07:00
parent a67ddb2267
commit 14a3a6a2c1
1 changed files with 2 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

6
roles/base/files/postfix/main.cf/main.cf.smtp-mm
View file

@ -712,8 +712,7 @@ smtpd_tls_mandatory_exclude_ciphers = aNULL, MD5, RC4
#tls_ssl_options = no_ticket, no_compression
smtpd_tls_loglevel = 1
smtpd_tls_cert_file = /etc/pki/tls/certs/gateway.crt
smtpd_tls_key_file = /etc/pki/tls/private/gateway.key
smtpd_tls_chain_files = /etc/pki/tls/private/gateway-chain.pem
smtpd_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
smtpd_tls_session_cache_timeout = 3600s
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
@ -734,8 +733,7 @@ smtp_tls_mandatory_protocols = !SSLv2,!SSLv3
smtp_tls_mandatory_ciphers = high
smtp_tls_mandatory_exclude_ciphers= aNULL, MD5, RC4
smtp_tls_loglevel = 1
smtp_tls_cert_file = /etc/pki/tls/certs/gateway.crt
smtp_tls_key_file = /etc/pki/tls/private/gateway.key
smtp_tls_chain_files = /etc/pki/tls/private/gateway-chain.pem
smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
# Deny email from some domains