Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Disable TLSv1.0 and TLSv1.1 in IMSVA

    • Updated:
    • 22 Feb 2021
    • Product/Version:
    • Interscan Messaging Security Virtual Appliance All
    • Interscan Messaging Security Virtual Appliance All
    • Platform:
    • Red Hat Enterprise Linux 64-Bit
Summary
Disable TLSv1.0 and TLSv1.1 in IMSVA
Details
Public
To disable TLSv1.0 and TLSv1.1 please follow these steps:

1. Make sure you have installed IMSVA Patch 3 build 1960 or a higher version.

2. Create a backup of the main.cf located in the /opt/trend/imss/postfix/etc/postfix/ folder.

3. Edit the main.cf file by appending !TLSv1, !TLSv1.1 at the end of the following parameters:

smtpd_tls_protocols
smtp_tls_protocols
smtpd_tls_mandatory_protocols
smtp_tls_mandatory_protocols

Example on how it will look like:

...
#smtpd_tls_protocols = !SSLv2, !SSLv3
smtpd_tls_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
#smtp_tls_protocols = !SSLv2, !SSLv3
smtp_tls_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
...
#smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
#smtp_tls_mandatory_protocols = !SSLv2, !SSLv3
smtp_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
...

4. Reload the postfix configuration by running:

postfix reload

5. Check whether the change took effect by running the following commands:

postconf | grep smtpd_tls_

postconf | grep smtp_tls_
Premium
Internal
Partner
Rating:
Category:
Configure
Solution Id:
000283048
Feedback
Did this article help you?

Thank you for your feedback!


*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.