Hi...
On 03/06/16 09:02 am, micah wrote:
Axel Huebl <[email protected]> writes:
just wanted to correct a section in Postfix:
For 2.9.6 Wheezy (as described) the option
tls_ssl_options = NO_COMPRESSION
Since we are on this subject, why is this NO_COMPRESSION option
suggested? There is no rationale for why this setting is there.
The only issue with compression that I am aware of is CRIME, which is
irrelevant for SMTP.
According to the postfix docs:
Compression is CPU-intensive, and compression before encryption does not
always improve security.
For performance reasons alone, and the lack of evidence to support that it
would add better security, it is best left disabled.
Of course, if the majority of the world were transporting over 14.4baud, we
might be having a different discussion. :-)
--
Lewis
-------------------------------------------------------------
Lewis G Rosenthal, CNA, CLP, CLE, CWTS, EA
Rosenthal & Rosenthal, LLC www.2rosenthals.com
visit my IT blog www.2rosenthals.net/wordpress
IRS Circular 230 Disclosure applies see www.2rosenthals.com
-------------------------------------------------------------
_______________________________________________
Ach mailing list
[email protected]
http://lists.cert.at/cgi-bin/mailman/listinfo/ach
