Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Bastian Blank (bastian+postfix-users=postfix.orgwaldi.eu.org)
Date: Mon Jul 27 2009 - 13:36:48 CDT
On Mon, Jul 27, 2009 at 08:03:20AM -0400, Wietse Venema wrote:
> Jake Vickers:
> > Now I know I posted the other day about disabling SSLv2, but if I add
> That solution was for MANDATORY TLS encryption. If TLS is not mandatory,
> then disabling SSLv2 is pointless: you allow plaintext email.
I don't think this is completely correct. I can still have
authentication only enabled over secure connections
(smtpd_tls_auth_only) but allow unencrypted connections for normal mail.
Then SSLv2 can't be considered as secure.
Virtue is a relative term.
-- Spock, "Friday's Child", stardate 3499.1