GNU Mailutils Manual (split by node):   Section:   Chapter:FastBack: Programs   Up: configuration   FastForward: Libraries   Contents: Table of ContentsIndex: Function Index

3.2.20 The tls-file-checks Statement

Syntax

tls-file-checks {
  # Configure safety checks for SSL key file.
  key-file list;
  # Configure safety checks for SSL certificate.
  cert-file list;
  # Configure safety checks for SSL CA file.
  ca-file list;
}

Description

This section configures security checks applied to the particular SSL configuration files in order to decide whether it is safe to use them.

Configuration: key-file list

Configure safety checks for SSL key file. Elements of the list are names of individual checks, optionally prefixed with ‘+’ to enable or ‘-’ to disable the corresponding check. Valid check names are:

none

Disable all checks.

all

Enable all checks.

gwrfil

Forbid group writable files.

awrfil

Forbid world writable files.

grdfil

Forbid group readable files.

ardfil

Forbid world writable files.

linkwrdir

Forbid symbolic links in group or world writable directories.

gwrdir

Forbid files in group writable directories.

awrdir

Forbid files in world writable directories,

Configuration: cert-file list

Configure safety checks for SSL certificate. See key-file for a description of list.

Configuration: ca-file list

Configure safety checks for SSL CA file. See key-file for a description of list.

GNU Mailutils Manual (split by node):   Section:   Chapter:FastBack: Programs   Up: configuration   FastForward: Libraries   Contents: Table of ContentsIndex: Function Index