sheppy/opendesk
1
0
Fork 0
mirror of https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk.git synced 2025-12-07 16:01:37 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix(postfix): Relax TLS settings to TLSv1.2/medium for broader SMTP relay compatibility

Browse Source
This commit is contained in:
Thorsten Roßner
2025-09-23 08:02:39 +02:00
parent 776fe92ae1
commit 31cbd9af1a
2 changed files with 4 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
helmfile/apps/open-xchange/values-postfix.yaml.gotmpl
View File

@@ -50,10 +50,8 @@ postfix:
{{- if .Values.apps.dkimpy.enabled }} {{- if .Values.apps.dkimpy.enabled }}
dkimpyHost: "opendesk-dkimpy-milter.{{ .Release.Namespace }}.svc.{{.Values.cluster.networking.domain }}:8892" dkimpyHost: "opendesk-dkimpy-milter.{{ .Release.Namespace }}.svc.{{.Values.cluster.networking.domain }}:8892"
{{- end }} {{- end }}
minTLSVersion: "TLSv1.2"
minTLSVersion: "TLSv1.3" smtpdTLSMandatoryCiphers: "medium"
smtpdTLSMandatoryCiphers: "high"
rspamdHost: "" rspamdHost: ""
{{- if .Values.smtp.host }} {{- if .Values.smtp.host }}
relayHost: relayHost:

6
helmfile/apps/services-external/values-postfix.yaml.gotmpl
View File

@@ -72,10 +72,8 @@ postfix:
# Warning: This setting allows unauthenticated mail relay from relayNets! # Warning: This setting allows unauthenticated mail relay from relayNets!
allowRelayNets: true allowRelayNets: true
relayNets: {{ join " " .Values.cluster.networking.cidr | quote }} relayNets: {{ join " " .Values.cluster.networking.cidr | quote }}
minTLSVersion: "TLSv1.2"
minTLSVersion: "TLSv1.3" smtpdTLSMandatoryCiphers: "medium"
smtpdTLSMandatoryCiphers: "high"
smtpSASLAuthEnable: "yes" smtpSASLAuthEnable: "yes"
smtpSASLPasswordMaps: "lmdb:/etc/postfix/sasl_passwd.map" smtpSASLPasswordMaps: "lmdb:/etc/postfix/sasl_passwd.map"
smtpTLSSecurityLevel: "encrypt" smtpTLSSecurityLevel: "encrypt"