...

postfix: Perfect Forward Secrecy (PFS)

openssl gendh -out /etc/postfix/pfs_512.pem -2 512
openssl gendh -out /etc/postfix/pfs_1024.pem -2 1024

postconf -e „smtpd_tls_dh1024_param_file=/etc/postfix/pfs_1024.pem“
postconf -e „smtpd_tls_dh512_param_file=/etc/postfix/pfs_512.pem“
postconf -e „smtpd_tls_eecdh_grade=strong“
postconf -e „smtp_tls_loglevel=1“
postconf -e „smtpd_tls_loglevel=1“

postconf -e „tls_preempt_cipherlist=yes“

Aktuelle Artikel