docker/docker-mail
1
0
Fork 0
Code Issues 4 Pull Requests Actions Projects Releases 6 Wiki Activity

feat(ssl_tls): updated dovecot and postfix accepted ciphers

Browse Source 
used https://ssl-config.mozilla.org/ to generate recommended
ciphers config for dovecot and postfix.

postfix set to use medium ciphers due to possibility of smtp
servers not being updated to latest.

MR !9
This commit is contained in:
Jon Lockwood
2022-02-19 10:41:53 +09:30
parent 3741b92606
commit 2a222df778
2 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
include/etc/dovecot/conf.d/10-ssl.conf
View File

@ -15,3 +15,6 @@ ssl_dh = </certs/dovecot/dh.pem
ssl_cert = </certs/dovecot/cert.pem
ssl_key = </certs/dovecot/key.pem
# Generated by https://ssl-config.mozilla.org/
ssl_min_protocol = TLSv1.2
ssl_cipher_list = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384