From 21ce4b4ff86ba0771e41551c6144396a930773a9 Mon Sep 17 00:00:00 2001
From: Martin Weinelt <hexa@darmstadt.ccc.de>
Date: Fri, 13 Jun 2025 03:20:14 +0200
Subject: [PATCH] dovecot: disable Diffie-Hellman support

Recommended in the modern recommendation by Mozilla. Support for elliptic
curves is widespread and they are much faster.
---
 mail-server/dovecot.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/mail-server/dovecot.nix b/mail-server/dovecot.nix
index 375bfe8..c06b478 100644
--- a/mail-server/dovecot.nix
+++ b/mail-server/dovecot.nix
@@ -182,6 +182,7 @@ in
       mailLocation = dovecotMaildir;
       sslServerCert = certificatePath;
       sslServerKey = keyPath;
+      enableDHE = lib.mkDefault false;
       enableLmtp = true;
       mailPlugins.globally.enable = lib.optionals cfg.fullTextSearch.enable [
         "fts"