qpsmtpd/config.sample/tls_ciphers

# Override default security using suitable string from available ciphers at 
# L<http://www.openssl.org/docs/apps/ciphers.html#CIPHER_STRINGS>
# See plugins/tls for details.
#
# HIGH is a reasonable default that should satisfy most installations
HIGH:!SSLv2
#
# if you have legacy clients that require less secure connections,
# consider using this less secure, but PCI compliant setting:
#DEFAULT:!ADH:!LOW:!EXP:!SSLv2:+HIGH:+MEDIUM
Sample tls_ciphers configuration should have HIGH as a default. git-svn-id: https://svn.perl.org/qpsmtpd/branches/0.3x@665 958fd67b-6ff1-0310-b445-bb7760255be9 2006-10-04 15:10:23 +00:00			`# Override default security using suitable string from available ciphers at`
Allow override of TLS security methods using CIPHER_STRINGS passed to IO::Socket::SSL. Brian Szymanski <ski-qpsmtpd@allafrica.com> git-svn-id: https://svn.perl.org/qpsmtpd/branches/0.3x@663 958fd67b-6ff1-0310-b445-bb7760255be9 2006-10-04 13:39:27 +00:00			`# L<http://www.openssl.org/docs/apps/ciphers.html#CIPHER_STRINGS>`
			`# See plugins/tls for details.`
increased default TLS security setting switched default TLS security in config/tls_ciphers from HIGH to HIGH:!SSLv2. Added note for how to set the minimum level of security necessary for PCI compliance. Signed-off-by: Robert <rspier@pobox.com> 2010-07-26 01:26:53 -04:00			`#`
			`# HIGH is a reasonable default that should satisfy most installations`
			`HIGH:!SSLv2`
			`#`
			`# if you have legacy clients that require less secure connections,`
			`# consider using this less secure, but PCI compliant setting:`
			`#DEFAULT:!ADH:!LOW:!EXP:!SSLv2:+HIGH:+MEDIUM`