remove: Diffie-Hellman parameters for Postfix & Dovecot

This patch removes all custom DH parameters from DMS.

The documentation update is NOT included in this patch yet.

ref: #4538

Signed-off-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com>
Georg Lauterbach 2025-08-17 12:28:33 +02:00
parent c1da4265d3
commit 8dc74bb1e8
No known key found for this signature in database
GPG key ID: D84CD4AA46D7F099
11 changed files with 2 additions and 119 deletions


@ -1,22 +1,5 @@
#!/bin/bash
function _setup_dhparam() {
local DH_SERVICE=$1
local DH_DEST=$2
local DH_CUSTOM='/tmp/docker-mailserver/dhparams.pem'
_log 'debug' "Setting up ${DH_SERVICE} dhparam"
if [[ -f ${DH_CUSTOM} ]]; then # use custom supplied dh params (assumes they're probably insecure)
_log 'trace' "${DH_SERVICE} will use custom provided DH parameters"
_log 'warn' "Using self-generated dhparams is considered insecure - unless you know what you are doing, please remove '${DH_CUSTOM}'"
cp -f "${DH_CUSTOM}" "${DH_DEST}"
else # use official standardized dh params (provided via Dockerfile)
_log 'trace' "${DH_SERVICE} will use official standardized DH parameters (ffdhe4096)."
fi
}
function _setup_ssl() {
_log 'debug' 'Setting up SSL'


@ -48,7 +48,6 @@ function _register_functions() {
if [[ ${SMTP_ONLY} -ne 1 ]]; then
_register_setup_function '_setup_dovecot'
_register_setup_function '_setup_dovecot_sieve'
_register_setup_function '_setup_dovecot_dhparam'
_register_setup_function '_setup_dovecot_quota'
_register_setup_function '_setup_spam_subject'
_register_setup_function '_setup_spam_to_junk'


@ -236,7 +236,3 @@ function _setup_dovecot_inet_protocols() {
sedfile -i "s|^#listen =.*|listen = ${PROTOCOL}|g" /etc/dovecot/dovecot.conf
}
function _setup_dovecot_dhparam() {
_setup_dhparam 'Dovecot' '/etc/dovecot/dh.pem'
}


@ -49,9 +49,6 @@ EOF
__postfix__log 'trace' 'Setting up Postfix vhost'
_create_postfix_vhost
__postfix__log 'trace' 'Setting up DH Parameters'
_setup_dhparam 'Postfix' '/etc/postfix/dhparams.pem'
__postfix__log 'trace' "Configuring message size limit to '${POSTFIX_MESSAGE_SIZE_LIMIT}'"
postconf "message_size_limit = ${POSTFIX_MESSAGE_SIZE_LIMIT}"