self-hosted/docker-mailserver
1
0
Fork 0
mirror of https://github.com/docker-mailserver/docker-mailserver.git synced 2025-08-08 23:06:49 +02:00
Code Issues Releases Activity

Nist tls (#831)

Browse Source 
* remove two ciphers according to https://www.htbridge.com/ssl/ (NIST, HIPAA)
* added a switch via an environment variable to choose between modern and intermediate ciphers
This commit is contained in:
Marek Walczak
2018-02-22 08:36:12 +01:00
committed by Johan Smits
parent eb20722b80
commit c36e878d76
5 changed files with 47 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
README.md
View File

@ -247,6 +247,13 @@ Otherwise, `iptables` won't be able to ban IPs.
Please read [the SSL page in the wiki](https://github.com/tomav/docker-mailserver/wiki/Configure-SSL) for more information.
##### TLS_LEVEL
- **empty** => modern
- modern => Enables TLSv1.2 and modern ciphers only. (default)
- intermediate => Enables TLSv1, TLSv1.1 and TLSv1.2 and broad compatibility ciphers.
- old => NOT implemented. If you really need it, then customize the TLS ciphers overriding postfix and dovecot settings [ wiki](https://github.com/tomav/docker-mailserver/wiki/
##### PERMIT_DOCKER
Set different options for mynetworks option (can be overwrite in postfix-main.cf)