Enable dovecot option to prefer server ciphers

This might prevent misconfigured clients to use a weak cipher when stronger ciphers are available.
This commit is contained in:
Benjamin Asbach 2020-05-24 19:23:53 +02:00
parent 9b98746515
commit fb8886547b

View file

@ -130,6 +130,7 @@ in
mail_access_groups = ${vmailGroupName} mail_access_groups = ${vmailGroupName}
ssl = required ssl = required
ssl_min_protocol = TLSv1.2 ssl_min_protocol = TLSv1.2
ssl_prefer_server_ciphers = yes
service lmtp { service lmtp {
unix_listener dovecot-lmtp { unix_listener dovecot-lmtp {