[BlueOnyx:19220] Re: How does one persist changes to sendmail.mc ?
Michael Stauber
mstauber at blueonyx.it
Sat Feb 27 14:00:25 -05 2016
Hi Jim,
> Seems if I make a change to the cipher configuration
> and then restart it is replaced.
>
> O CipherList
> O ServerSSLOptions
> O ClientSSLOptions
Short answer ... please see the other message I just posted:
[BlueOnyx:19219] Re: SSL3_GET_CLIENT_HELLO:no shared cipher
We did some security hardening of BlueOnyx and all our services now only
support the best protocols and ciphers that are still considered safe.
SSLv3 is no longer supported. Nor do we support any weak ciphers such as
RC4 based ones anymore.
We did this by adjusting the configs for the individual services such as
Dovecot and Sendmail for the email related services. We neither support
nor recommend to mess with these cipher and protocol settings as what we
use is considered a safe and reasonable industry standard.
So we don't support modifications to the protocols and ciphers and if
you mess with them, you can expect that future updates will roll them
back to what we consider safe.
--
With best regards
Michael Stauber
More information about the Blueonyx
mailing list