postfix 3.4.6 - smtpd_tls_mandatory_exclude_ciphers

Hello, Ive got an issue with excluding specific ciphers and hashes.

Code:
user@serv:~ % sudo postconf -n | grep exclude
smtp_tls_mandatory_exclude_ciphers = aNULL, eNULL, LOW, RC4, EXP, MEDIUM, ADH, AECDH, MD5, DSS, DES+MD5
smtpd_tls_mandatory_exclude_ciphers = aNULL, eNULL, LOW, RC4, EXP, MEDIUM, ADH, AECDH, MD5, DSS, DES+MD5

Anonymous TLS connection established from : TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)
But AECDH is excluded. Moreover, if I set AES256 it works and cannot connect using that.
The same issue when I exclude SHA.

Can someone test on your side?
 
Back
Top