Diffie-Hellman 2048 Bit Parameters should be changed regularly. (#834)

Since it is assumed that the NSA uses rainbow tables to break default DHE parameters, one is encouraged to change the parameters periodically.
17Halbe 2018-02-11 18:37:04 +01:00 committed by Johan Smits
parent 21b7cf72c9
commit ac9be357ce


@ -178,7 +178,9 @@ RUN mkdir /var/run/fetchmail && chown fetchmail /var/run/fetchmail
COPY target/postfix/main.cf target/postfix/master.cf /etc/postfix/
COPY target/postfix/sender_header_filter.pcre /etc/postfix/maps/sender_header_filter.pcre
RUN echo "" > /etc/aliases && \
openssl dhparam -out /etc/postfix/dhparams.pem 2048
openssl dhparam -out /etc/postfix/dhparams.pem 2048 && \
echo "@daily FILE=`mktemp` ; openssl dhparam -out $FILE 2048 > /dev/null 2>&1 && mv -f $FILE /etc/postfix/dhparams.pem" > /etc/cron.d/dh2048
# Configuring Logs
RUN sed -i -r "/^#?compress/c\compress\ncopytruncate" /etc/logrotate.conf && \
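Review bot: The added `echo "@daily FILE=..."` line wraps the cron entry in double quotes, so the build shell runs the backtick mktemp substitution and expands `$FILE` while the image is being built, not when the job fires. What lands in /etc/cron.d/dh2048 is therefore a fixed temp path and empty `$FILE` arguments, so the `mv` has no source and the regular parameter rotation this commit is meant to provide never replaces /etc/postfix/dhparams.pem. Files under /etc/cron.d also normally need a user field after the schedule, which this entry lacks. Single-quoting the string and naming the user would address both: `echo '@daily root FILE=$(mktemp) ; openssl dhparam -out $FILE 2048 > /dev/null 2>&1 && mv -f $FILE /etc/postfix/dhparams.pem' > /etc/cron.d/dh2048`. Since mktemp creates the file with owner-only permissions, it is worth confirming Postfix can still read the moved file, and a short comment above the RUN saying why the parameters are regenerated would help the next maintainer.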