Changes

From SME Server
Jump to navigationJump to search
→‎Miscellaneous Other DB Variables: set qpsmtpd to allow/not allow the weaker SSL 2.0 protocol for securing SMTPS connections
Line 1,130: Line 1,130:  
|none - the smtp-auth-proxy executable (//usr/local/sbin/smtp-auth-proxy.pl) reads the config database directly.
 
|none - the smtp-auth-proxy executable (//usr/local/sbin/smtp-auth-proxy.pl) reads the config database directly.
 
|Used to change the port number used to connect to the upstream mail server ("SMTPSmartHost" or "Address of Internet provider's mail server").  Defaults to port 25 if PeerPort is not set; uses SSL if port 465 is selected.
 
|Used to change the port number used to connect to the upstream mail server ("SMTPSmartHost" or "Address of Internet provider's mail server").  Defaults to port 25 if PeerPort is not set; uses SSL if port 465 is selected.
 +
|-
 +
|db configuration setprop qpsmtpd tlsCipher '''XXX'''; signal-event email-update
 +
|qpsmtpd
 +
|/var/service/qpsmtpd/config/tls_ciphers
 +
|Allow qpsmtpd to also use the weaker SSL 2.0 protocol or enforce it to accept only the stronger SSL 3.0 or TLS 1.0 protocols for securing SMTPS connections. For '''XXX''' one can use:<br /><br /> '''<tt>'ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM'</tt>''' (=Default: SSLv2/SSLv3/TLSv1)<br />'''<tt>'HIGH:!SSLv2'</tt>''' (only SSLv3/TLSv1)<br /><br />''Note: don't forget to use the quotes!!''
 +
 
|-
 
|-
 
|command
 
|command
167

edits

Navigation menu