From bbe396d3c2a2ab7dcc28851a1c8a5e5ee7cfb6b7 Mon Sep 17 00:00:00 2001
From: Max Uetrecht <phenomax@users.noreply.github.com>
Date: Sun, 22 Sep 2019 17:38:03 +0200
Subject: [PATCH] [Postfix] Add NO_RENEGOTIATION to tls_ssl_options

---
 data/conf/postfix/main.cf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/data/conf/postfix/main.cf b/data/conf/postfix/main.cf
index f7238631..98e81a34 100644
--- a/data/conf/postfix/main.cf
+++ b/data/conf/postfix/main.cf
@@ -149,7 +149,7 @@ smtpd_tls_protocols = !SSLv2, !SSLv3
 
 smtpd_tls_security_level = may
 tls_preempt_cipherlist = yes
-tls_ssl_options = NO_COMPRESSION
+tls_ssl_options = NO_COMPRESSION, NO_RENEGOTIATION
 virtual_alias_maps = proxy:mysql:/opt/postfix/conf/sql/mysql_virtual_alias_maps.cf,
   proxy:mysql:/opt/postfix/conf/sql/mysql_virtual_resource_maps.cf,
   proxy:mysql:/opt/postfix/conf/sql/mysql_virtual_spamalias_maps.cf,