the switch of smtpd_tls_security_level may to encrypt for submission broke smtpd_tls_protocols

The submission port began offering SSLv3. With `encrypt`, the smtpd_tls_protocols option is ignored and smtpd_tls_mandatory_protocols must be set instead. see e39b777a

the switch of smtpd_tls_security_level may to encrypt for submission broke smtpd_tls_protocols
The submission port began offering SSLv3. With `encrypt`, the smtpd_tls_protocols option is ignored and smtpd_tls_mandatory_protocols must be set instead. see e39b777a
eb5e8fe3 · Joshua Tauberer · c999c608 · eb5e8fe3 · eb5e8fe3
Commit eb5e8fe3 authored May 20, 2015 by Joshua Tauberer
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 2 deletions

CHANGELOG.md CHANGELOG.md +1 -1

mail-postfix.sh setup/mail-postfix.sh +1 -1

No files found.
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -5,7 +5,7 @@ In Development
 --------------

 * ownCloud updated to version 8.0.3.
-
+* SMTP Submission (port 587) began offering the insecure SSLv3 protocol due to a misconfiguration in the previous version.

 v0.09 (May 8, 2015)
 -------------------

--- a/setup/mail-postfix.sh
+++ b/setup/mail-postfix.sh
@@ -78,7 +78,7 @@ tools/editconf.py /etc/postfix/master.cf -s -w \
 	  -o syslog_name=postfix/submission
 	  -o smtpd_milters=inet:127.0.0.1:8891
 	  -o smtpd_tls_security_level=encrypt
-	  -o smtpd_tls_ciphers=high -o smtpd_tls_exclude_ciphers=aNULL,DES,3DES,MD5,DES+MD5,RC4 -o smtpd_tls_protocols=!SSLv2,!SSLv3
+	  -o smtpd_tls_ciphers=high -o smtpd_tls_exclude_ciphers=aNULL,DES,3DES,MD5,DES+MD5,RC4 -o smtpd_tls_mandatory_protocols=!SSLv2,!SSLv3
 	  -o cleanup_service_name=authclean" \
 	"authclean=unix  n       -       -       -       0       cleanup
 	  -o header_checks=pcre:/etc/postfix/outgoing_mail_header_filters"