Supported Protocols and Cipher Suites

Supported protocols

Security Level	Protocol
Opportunistic	TLSv1, TLSv1.1 and TLSv1.2
Must	TLSv1, TLSv1.1 and TLSv1.2
Verify	TLSv1, TLSv1.1 and TLSv1.2

Note

The SSLv3 protocol is disabled according to CVE-2014-3566. To enable SSLv3, run the following statements:

postconf -e smtpd_tls_mandatory_protocols=SSLv3,TLSv1,TLSv1.1,TLSv1.2 &&
                                 postconf -e smtp_tls_mandatory_protocols=SSLv3,TLSv1,TLSv1.1,TLSv1.2 && postconf -e
                                 smtpd_tls_protocols=\!SSLv2 && postconf -e smtp_tls_protocols=\!SSLv2 &&
                                 postfix reload

For details about the supported cipher suites, run the following statement:

openssl ciphers -v 'HIGH:MEDIUM:!RC4@STRENGTH'

/*<![CDATA[*/ $('#title').html($('meta[name=map-description]').attr('content')); /*]]>*/

Supported Protocols and Cipher Suites

Supported protocols

Note