But PCI Compliance only applies to the Cardholder Data Environment. Why on earth would you have a mail server in the Cardholder Data Environment?
And if it isn’t in the CDE: You can run whatever version of TLS you want, and it’s none of PCI’s business. - mark > On Jul 23, 2018, at 3:06 PM, Bradley Silverman > <bsilver...@staff.ventraip.com> wrote: > > Hi Matt, > > Really appreciate you sending me that email, I will definitely send an email > through to there! > > @Mark Certainly not! PCI Compliance requires that TLSv1.0 be disabled on the > server. Postifx/Exim/Dovecot are not exception to the rule, if we disable > TLSv1.0 on the server and remove the weak cipher, then TPG's MTAs aren't able > to send mail to us. > > Regards, > > Bradley Silverman | VentraIP Australia > Technical Operations > > mobile. +61 418 641 103 > phone. +61 3 9013 8464 > > On Mon, Jul 23, 2018 at 2:48 PM, Mark Newton <new...@atdot.dotat.org > <mailto:new...@atdot.dotat.org>> wrote: > You’re trying to exchange payment card information over email? > > - mark > >> On Jul 23, 2018, at 1:30 PM, Bradley Silverman >> <bsilver...@staff.ventraip.com <mailto:bsilver...@staff.ventraip.com>> wrote: >> >> Does anyone have a contact at TPG regarding their mail servers? >> >> We are having issues with their mail servers using non-PCI compliant ciphers >> which is stopping our servers accepting mail from them. >> >> >> Regards, >> >> Bradley Silverman | VentraIP Australia >> Technical Operations >> >> mobile. +61 418 641 103 >> phone. +61 3 9013 8464 >> _______________________________________________ >> AusNOG mailing list >> AusNOG@lists.ausnog.net <mailto:AusNOG@lists.ausnog.net> >> http://lists.ausnog.net/mailman/listinfo/ausnog >> <http://lists.ausnog.net/mailman/listinfo/ausnog> > >
_______________________________________________ AusNOG mailing list AusNOG@lists.ausnog.net http://lists.ausnog.net/mailman/listinfo/ausnog