On 07.03.2020 0:41, Ihor Antonov wrote:
On 2020-03-06 23:05, Reio Remma wrote:

I was forced to upgrade our mail server to CentOS 8 (thanks to hardware
failure on the old machine). I've successfully built an RPM of OpenSMTPD for
CentOS 8 and it's running nicely, however I've a problem with the global
crypto policies in CentOS 8.

Namely the DEFAULT crypto policy disables TLSv1 for OpenSMTPD. Has anyone
got any experience on how to allow TLSv1 for OpenSMTPD without downgrading
the whole system from DEFAULT to LEGACY crypto policy?
Just out of curiosity - why do you need TLSv1 on OpenSMTPD? (Especially
sinice it is considered to be not safe)

Because my thinking is it's better than the plain text the clients fall back to. Or is it not so?


Reply via email to