postfix: perfekt fremadrettet hemmeligholdelse (Perfect Forward Secrecy (PFS))

openssl gendh -out /etc/postfix/pfs_512.pem -2 512
openssl gendh -out /etc/postfix/pfs_1024.pem -2 1024

postconf -e "smtpd_tls_dh1024_param_file=/etc/postfix/pfs_1024.pem"
postconf -e "smtpd_tls_dh512_param_file=/etc/postfix/pfs_512.pem"
postconf -e "smtpd_tls_eecdh_grade=strong"
postconf -e "smtp_tls_loglevel=1"
postconf -e "smtpd_tls_loglevel=1"

postconf -e "tls_preempt_cipherlist=yes"

Aktuelle artikler