postfix: update configuration B ciphers

author cm <cm@coretec.at>

Tue, 10 Dec 2013 16:03:44 +0000 (17:03 +0100)

committer cm <cm@coretec.at>

Tue, 10 Dec 2013 16:03:44 +0000 (17:03 +0100)
author cm <cm@coretec.at>
Tue, 10 Dec 2013 16:03:44 +0000 (17:03 +0100)
committer cm <cm@coretec.at>
Tue, 10 Dec 2013 16:03:44 +0000 (17:03 +0100)
diff --git a/src/practical_settings/mailserver.tex b/src/practical_settings/mailserver.tex

index ee3836b..4d44119 100644 (file)
--- a/src/practical_settings/mailserver.tex
+++ b/src/practical_settings/mailserver.tex
@@ -196,7 +196,7 @@ acceptable for the ``mandatory'' security level, again in
  \begin{lstlisting}[breaklines]
    smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
    smtpd_tls_mandatory_ciphers=high
-  tls_high_cipherlist=EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EDH+CAMELLIA256:EECDH:EDH+aRSA:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4:!SEED:!AES128:!CAMELLIA128:!ECDSA:AES256-SHA
+  tls_high_cipherlist=EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA
  \end{lstlisting}
  
  Then, we configure the MSA smtpd in \verb|master.cf| with two