Update 'IMAP', 'MSA' and 'LDAP-provider' roles to Debian Stretch.

1 files changed, 6 insertions, 2 deletions

diff --git a/roles/IMAP/files/etc/dovecot/conf.d/10-ssl.conf b/roles/IMAP/files/etc/dovecot/conf.d/10-ssl.conf
index dc0b5bf..250eec5 100644
--- a/roles/IMAP/files/etc/dovecot/conf.d/10-ssl.conf
+++ b/roles/IMAP/files/etc/dovecot/conf.d/10-ssl.conf
@@ -21,7 +21,7 @@ ssl_key = </etc/dovecot/ssl/imap.fripost.org.key
 # PEM encoded trusted certificate authority. Set this only if you intend to use
 # ssl_verify_client_cert=yes. The file should contain the CA certificate(s)
 # followed by the matching CRL(s). (e.g. ssl_ca = </etc/ssl/certs/ca.pem)
-#ssl_ca = 
+#ssl_ca =
 
 # Require that CRL check succeeds for client certificates.
 #ssl_require_crl = yes
@@ -46,7 +46,7 @@ ssl_key = </etc/dovecot/ssl/imap.fripost.org.key
 ssl_dh_parameters_length = 2048
 
 # SSL protocols to use
-ssl_protocols = !SSLv2 !SSLv3
+#ssl_protocols = !SSLv3
 
 # SSL ciphers to use
 ssl_cipher_list = HIGH:!aNULL:!eNULL:!3DES:!MD5:@STRENGTH
@@ -56,3 +56,7 @@ ssl_cipher_list = HIGH:!aNULL:!eNULL:!3DES:!MD5:@STRENGTH
 
 # SSL crypto device to use, for valid values run "openssl engine"
 #ssl_crypto_device =
+
+# SSL extra options. Currently supported options are:
+#   no_compression - Disable compression.
+ssl_options = no_compression