Changes

From SME Server
Jump to navigationJump to search
→‎Miscellaneous Other DB Variables: new (more secure) default value for qpsmtpd
Line 1,134: Line 1,134:  
|qpsmtpd
 
|qpsmtpd
 
|/var/service/qpsmtpd/config/tls_ciphers
 
|/var/service/qpsmtpd/config/tls_ciphers
|Allow qpsmtpd to also use the weaker SSL 2.0 protocol or enforce it to accept only the stronger SSL 3.0 or TLS 1.0 protocols for securing SMTPS connections. For '''XXX''' one can use:<br /><br /> '''<tt>'ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM'</tt>''' (=Default: SSLv2/SSLv3/TLSv1)<br />'''<tt>'HIGH:!SSLv2'</tt>''' (only SSLv3/TLSv1)<br /><br />''Note: don't forget to use the quotes!!''
+
|By default qpsmtpd only accepts the stronger SSL 3.0 or TLS 1.0 protocols for securing SMTPS connections. If needed, one can set qpsmtpd to also allow the weaker SSL 2.0 protocol. For '''XXX''' one can use:<br /><br /> '''<tt>'ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM'</tt>''' (SSLv2/SSLv3/TLSv1)<br />'''<tt>'HIGH:!SSLv2'</tt>''' (=Default: only allow stronger SSLv3/TLSv1 protocols)<br /><br />''Note: don't forget to use the quotes!!''
    
|-
 
|-
167

edits

Navigation menu