Sujet : Re: OpenSSL 3.4.x supported?
De : INVALID_NO_CC_REMOVE_IF_YOU_DO_NOT_POST_ml+sendmail(-no-copies-please) (at) *nospam* esmtp.org (Claus Aßmann)
Groupes : comp.mail.sendmailDate : 08. Jan 2025, 18:00:16
Autres entêtes
Organisation : MGT Consulting
Message-ID : <vlmav0$443$1@news.misty.com>
References : 1 2 3 4
User-Agent : trn 4.0-test77 (Sep 1, 2010)
AMM wrote:
Check the OpenSSL config file / documentation, e.g., wrt
"security level".
Thank you for your response. However, it is still not clear what
unwanted behaviour can occur? If you can explain, then please do.
Quoting the release notes:
* The default SSL/TLS security level has been changed from 1 to 2. RSA,
DSA and DH keys of 1024 bits and above and less than 2048 bits and ECC keys
of 160 bits and above and less than 224 bits were previously accepted by
default but are now no longer allowed. By default TLS compression was
already disabled in previous OpenSSL versions. At security level 2 it cannot
be enabled.
This might be useful for other applications, but not for SMTP
- it may break using STARTTLS with other MTAs.
Currently I have this in sendmail.mc file: (using from few years)
CipherList= ...
Why do you have that list?
"What's the problem you are trying to solve?"
BTW: Setting CipherList has NO effect when using TLSv1.3
(OpenSSL).
-- Note: please read the netiquette before posting. I will almost neverreply to top-postings which include a full copy of the previousarticle(s) at the end because it's annoying, shows that the posteris too lazy to trim his article, and it's wasting the time of all readers.
OpenSSL 3.4.x supported?
Re: OpenSSL 3.4.x supported?