christian
/
nixos-mailserver
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Enable dovecot option to prefer server ciphers 

This might prevent misconfigured clients to use a weak cipher when stronger ciphers are available.
This commit is contained in:
Benjamin Asbach 2020-05-24 19:23:53 +02:00
parent 9b98746515
commit fb8886547b
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
mail-server/dovecot.nix
View File

@ -130,6 +130,7 @@ in
mail_access_groups = ${vmailGroupName} mail_access_groups = ${vmailGroupName}
ssl = required ssl = required
ssl_min_protocol = TLSv1.2 ssl_min_protocol = TLSv1.2
ssl_prefer_server_ciphers = yes
service lmtp { service lmtp {
unix_listener dovecot-lmtp { unix_listener dovecot-lmtp {