2
0
mirror of https://github.com/vdukhovni/postfix synced 2025-08-22 09:57:34 +00:00

postfix-2.10-20120423

This commit is contained in:
Wietse Venema 2012-04-23 00:00:00 -05:00 committed by Viktor Dukhovni
parent 1084d50ada
commit 63decacea3
7 changed files with 28 additions and 19 deletions

View File

@ -509,9 +509,10 @@ Example, MSA that requires TLSv1, not SSLv2 or SSLv3, with high grade ciphers:
smtpd_tls_mandatory_ciphers = high
smtpd_tls_mandatory_exclude_ciphers = aNULL, MD5
smtpd_tls_security_level = encrypt
smtpd_tls_mandatory_protocols = TLSv1
# Preferred interface with Postfix >= 2.5:
# Preferred form with Postfix >= 2.5:
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
# Alternative form.
smtpd_tls_mandatory_protocols = TLSv1
If you want to take advantage of ciphers with ephemeral Diffie-Hellman (EDH)
key exchange (this offers "forward-secrecy"), DH parameters are needed. Instead
@ -1427,9 +1428,10 @@ Example:
smtp_tls_mandatory_ciphers = medium
smtp_tls_mandatory_exclude_ciphers = RC4, MD5
smtp_tls_exclude_ciphers = aNULL
smtp_tls_mandatory_protocols = SSLv3, TLSv1
# Also available with Postfix >= 2.5:
# Preferred form with Postfix >= 2.5:
smtp_tls_mandatory_protocols = !SSLv2
# Alternative form.
smtp_tls_mandatory_protocols = SSLv3, TLSv1
# Also available with Postfix >= 2.6:
smtp_tls_ciphers = export
smtp_tls_protocols = !SSLv2

View File

@ -733,9 +733,10 @@ ciphers: </p>
<a href="postconf.5.html#smtpd_tls_mandatory_ciphers">smtpd_tls_mandatory_ciphers</a> = high
<a href="postconf.5.html#smtpd_tls_mandatory_exclude_ciphers">smtpd_tls_mandatory_exclude_ciphers</a> = aNULL, MD5
<a href="postconf.5.html#smtpd_tls_security_level">smtpd_tls_security_level</a> = encrypt
<a href="postconf.5.html#smtpd_tls_mandatory_protocols">smtpd_tls_mandatory_protocols</a> = TLSv1
# Preferred interface with Postfix &ge; 2.5:
# Preferred form with Postfix &ge; 2.5:
<a href="postconf.5.html#smtpd_tls_mandatory_protocols">smtpd_tls_mandatory_protocols</a> = !SSLv2, !SSLv3
# Alternative form.
<a href="postconf.5.html#smtpd_tls_mandatory_protocols">smtpd_tls_mandatory_protocols</a> = TLSv1
</pre>
</blockquote>
@ -1903,9 +1904,10 @@ the SSL/TLS protocols used with opportunistic TLS. </p>
<a href="postconf.5.html#smtp_tls_mandatory_ciphers">smtp_tls_mandatory_ciphers</a> = medium
<a href="postconf.5.html#smtp_tls_mandatory_exclude_ciphers">smtp_tls_mandatory_exclude_ciphers</a> = RC4, MD5
<a href="postconf.5.html#smtp_tls_exclude_ciphers">smtp_tls_exclude_ciphers</a> = aNULL
<a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> = SSLv3, TLSv1
# Also available with Postfix &ge; 2.5:
# Preferred form with Postfix &ge; 2.5:
<a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> = !SSLv2
# Alternative form.
<a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> = SSLv3, TLSv1
# Also available with Postfix &ge; 2.6:
<a href="postconf.5.html#smtp_tls_ciphers">smtp_tls_ciphers</a> = export
<a href="postconf.5.html#smtp_tls_protocols">smtp_tls_protocols</a> = !SSLv2

View File

@ -11094,9 +11094,10 @@ and higher. </p>
<p> Example: </p>
<pre>
<a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> = TLSv1
# Alternative form with Postfix &ge; 2.5:
# Preferred form with Postfix &ge; 2.5:
<a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> = !SSLv2, !SSLv3
# Alternative form.
<a href="postconf.5.html#smtp_tls_mandatory_protocols">smtp_tls_mandatory_protocols</a> = TLSv1
</pre>
<p> This feature is available in Postfix 2.3 and later. </p>

View File

@ -6693,9 +6693,10 @@ Example:
.nf
.na
.ft C
smtp_tls_mandatory_protocols = TLSv1
# Alternative form with Postfix >= 2.5:
# Preferred form with Postfix >= 2.5:
smtp_tls_mandatory_protocols = !SSLv2, !SSLv3
# Alternative form.
smtp_tls_mandatory_protocols = TLSv1
.fi
.ad
.ft R

View File

@ -733,9 +733,10 @@ ciphers: </p>
smtpd_tls_mandatory_ciphers = high
smtpd_tls_mandatory_exclude_ciphers = aNULL, MD5
smtpd_tls_security_level = encrypt
smtpd_tls_mandatory_protocols = TLSv1
# Preferred interface with Postfix &ge; 2.5:
# Preferred form with Postfix &ge; 2.5:
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
# Alternative form.
smtpd_tls_mandatory_protocols = TLSv1
</pre>
</blockquote>
@ -1903,9 +1904,10 @@ the SSL/TLS protocols used with opportunistic TLS. </p>
smtp_tls_mandatory_ciphers = medium
smtp_tls_mandatory_exclude_ciphers = RC4, MD5
smtp_tls_exclude_ciphers = aNULL
smtp_tls_mandatory_protocols = SSLv3, TLSv1
# Also available with Postfix &ge; 2.5:
# Preferred form with Postfix &ge; 2.5:
smtp_tls_mandatory_protocols = !SSLv2
# Alternative form.
smtp_tls_mandatory_protocols = SSLv3, TLSv1
# Also available with Postfix &ge; 2.6:
smtp_tls_ciphers = export
smtp_tls_protocols = !SSLv2

View File

@ -10510,9 +10510,10 @@ TLS_README for more information about security levels. </p>
<p> Example: </p>
<pre>
smtp_tls_mandatory_protocols = TLSv1
# Alternative form with Postfix &ge; 2.5:
# Preferred form with Postfix &ge; 2.5:
smtp_tls_mandatory_protocols = !SSLv2, !SSLv3
# Alternative form.
smtp_tls_mandatory_protocols = TLSv1
</pre>
<p> This feature is available in Postfix 2.3 and later. </p>

View File

@ -20,7 +20,7 @@
* Patches change both the patchlevel and the release date. Snapshots have no
* patchlevel; they change the release date only.
*/
#define MAIL_RELEASE_DATE "20120422"
#define MAIL_RELEASE_DATE "20120423"
#define MAIL_VERSION_NUMBER "2.10"
#ifdef SNAPSHOT