Score:1

How to disable client-initiated renegotiation in Postfix?

id flag

How to disable client-initiated renegotiation in Postfix?

Score:3
id flag

In console:

nano etc/postfix/main.cf

Find & edit - or add this line:

tls_ssl_options = NO_RENEGOTIATION

The value of the tls_ssl_options configuration parameter is a white-space or comma separated list of named options, with an alternate syntax provided for (only in exceptional circumstances recommendable) directly specifying OpenSSL-supported options not (yet) named at Postfix compile time.

Alejandro T avatar
br flag
Do you know how to do it in postfix 2.10 ?
anx avatar
fr flag
anx
Because TLS 1.3 forbids renegotiation, this is only needed when allowing legacy TLS (1.2 or prior) in the first place.
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.