On 2020-03-06 23:05, Reio Remma wrote: > Hello! > > I was forced to upgrade our mail server to CentOS 8 (thanks to hardware > failure on the old machine). I've successfully built an RPM of OpenSMTPD for > CentOS 8 and it's running nicely, however I've a problem with the global > crypto policies in CentOS 8. > > Namely the DEFAULT crypto policy disables TLSv1 for OpenSMTPD. Has anyone > got any experience on how to allow TLSv1 for OpenSMTPD without downgrading > the whole system from DEFAULT to LEGACY crypto policy?
Just out of curiosity - why do you need TLSv1 on OpenSMTPD? (Especially sinice it is considered to be not safe) ---- Ihor
