On Wed, Jan 11, 2012 at 07:08:30PM +0100, Dennis Guhl wrote:
> On Wed, Jan 11, 2012 at 04:15:17PM +0100, Stefan wrote:
> > Hello list,
>
> > mail.example.com[aaa.bbb.ccc.ddd]:25: TLSv1 with cipher ADH-CAMELLIA256-SHA
>
> This is an anonymous cipher. With
>
> smtpd_tls_mandatory_exclude_ciphers = aNULL
>
> or
>
> smtpd_tls_exclude_ciphers = aNULL
>
> you can disable the useage of anonymous ciphers.
Can, but SHOULD NOT. There is no need to restrict the cipher selection in this
way
or to waste CPU and bandwidth exchanging ignored certificates.
--
Viktor.
