From 9b987465157c5d7aa00104bf9a5d20c4fe3edc82 Mon Sep 17 00:00:00 2001
From: Benjamin Asbach <4610679-asbachb@users.noreply.gitlab.com>
Date: Sun, 24 May 2020 19:21:31 +0200
Subject: [PATCH] Set TLSv1.2 as minimal TLS version for dovecot

TLSv1 and TLSv1.1 are commonly opinioned as deprecated.
---
 mail-server/dovecot.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/mail-server/dovecot.nix b/mail-server/dovecot.nix
index 8f500f7..9145af1 100644
--- a/mail-server/dovecot.nix
+++ b/mail-server/dovecot.nix
@@ -129,6 +129,7 @@ in
 
         mail_access_groups = ${vmailGroupName}
         ssl = required
+        ssl_min_protocol = TLSv1.2
 
         service lmtp {
           unix_listener dovecot-lmtp {