docker icon indicating copy to clipboard operation
docker copied to clipboard
verified publisher icon anonaddy

Enhance Postfix TLS Configuration (with ECC Support) and Domain Exceptions

Open CrypticCommit opened this issue 9 months ago • 0 comments

  • Implemented more specific TLS configuration for Postfix, allowing flexible security levels based on environment variables.
  • Added support for ECC certificates and keys.
  • Introduced domain exceptions via the POSTFIX_SMTP_TLS_EXCEPTIONS variable to set smtp_tls_security_level to "may" for specified domains.

Note: It is advisable to update the following line:

smtpd_tls_protocols = !SSLv2, !SSLv3, !TLSv1

to

smtpd_tls_protocols = >=TLSv1.2

This change will ensure that your server supports TLS connections starting from version 1.2 and above, enhancing security. For more details, please refer to the Postfix Documentation. Please note that this change has not been made in this pull request.

CrypticCommit avatar Apr 28 '25 20:04 CrypticCommit