diff options
| author | Guilhem Moulin <guilhem.moulin@fripost.org> | 2015-10-27 18:47:33 +0100 |
|---|---|---|
| committer | Guilhem Moulin <guilhem.moulin@fripost.org> | 2015-10-27 18:48:41 +0100 |
| commit | 5f08683ba87765db98e44e1ca024e1f5c9e14d93 (patch) | |
| tree | 48bc6689acb10092a363e5b7630c179862c9ac98 | |
| parent | 27ce10fc5fb5d85ec9bc0a92532b868c6c0925bf (diff) | |
Update Postfix config.
| -rw-r--r-- | konfigurera.mdwn | 18 |
1 files changed, 8 insertions, 10 deletions
diff --git a/konfigurera.mdwn b/konfigurera.mdwn index 3a8c7e0..e2f7a82 100644 --- a/konfigurera.mdwn +++ b/konfigurera.mdwn @@ -143,9 +143,7 @@ password uSerS_paSSword Kör följande kommandon: <pre> -touch /etc/postfix/sasl/passwd -sudo chown root:root /etc/postfix/sasl/passwd -sudo chmod 0400 /etc/postfix/sasl/passwd +sudo install -m 0400 /dev/null /etc/postfix/sasl/passwd </pre> Lägg in följande rad i /etc/postfix/sasl/passwd @@ -171,9 +169,10 @@ smtp_sasl_security_options = noanonymous, noplaintext smtp_sasl_tls_security_options = noanonymous smtp_tls_security_level = fingerprint -smtp_tls_fingerprint_digest = sha1 +smtp_tls_fingerprint_digest = sha256 smtp_tls_mandatory_ciphers = high -smtp_tls_fingerprint_cert_match = 03:87:02:C9:6E:01:D3:AD:BC:EC:77:CC:A5:C5:37:C1:D8:C1:29:BC +smtp_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1 +smtp_tls_fingerprint_cert_match = 6C:89:92:3C:A2:53:E0:14:9E:14:11:17:FF:FA:EB:12:3E:BA:0A:B0:C2:BE:70:18:8C:3D:7A:69:EB:00:5E:BB </pre> Guilhems kommentar: @@ -187,13 +186,12 @@ Guilhems kommentar: > smtp_tls_policy_maps = hash:$config_directory/tls_policy > smtp_sender_dependent_authentication = yes > sender_dependent_relayhost_maps = hash:$config_directory/relayhost_map -> smtp_tls_fingerprint_digest = sha1 +> smtp_tls_fingerprint_digest = sha256 > > /etc/postfix/tls_policy -> [smtp.chalmers.se]:587 secure ciphers=high -> [smtp.fripost.org]:587 fingerprint -> match=03:87:02:C9:6E:01:D3:AD:BC:EC:77:CC:A5:C5:37:C1:D8:C1:29:BC -> ciphers=high +> [smtp.chalmers.se]:587 secure ciphers=high protocols=!SSLv2:!SSLv3 +> [smtp.fripost.org]:587 fingerprint ciphers=high protocols=!SSLv2:!SSLv3:!TLSv1:!TLSv1.1 +> match=6C:89:92:3C:A2:53:E0:14:9E:14:11:17:FF:FA:EB:12:3E:BA:0A:B0:C2:BE:70:18:8C:3D:7A:69:EB:00:5E:BB > > /etc/postfix/relayhost_map > @fripost.org [smtp.fripost.org]:587 |