summaryrefslogtreecommitdiffstats
path: root/roles/IMAP/files/etc/dovecot/conf.d
diff options
context:
space:
mode:
Diffstat (limited to 'roles/IMAP/files/etc/dovecot/conf.d')
-rw-r--r--roles/IMAP/files/etc/dovecot/conf.d/10-ssl.conf2
1 files changed, 1 insertions, 1 deletions
diff --git a/roles/IMAP/files/etc/dovecot/conf.d/10-ssl.conf b/roles/IMAP/files/etc/dovecot/conf.d/10-ssl.conf
index e801639..b401c93 100644
--- a/roles/IMAP/files/etc/dovecot/conf.d/10-ssl.conf
+++ b/roles/IMAP/files/etc/dovecot/conf.d/10-ssl.conf
@@ -29,30 +29,30 @@ ssl_key = </etc/dovecot/ssl/imap.fripost.org.key
# Directory and/or file for trusted SSL CA certificates. These are used only
# when Dovecot needs to act as an SSL client (e.g. imapc backend). The
# directory is usually /etc/ssl/certs in Debian-based systems and the file is
# /etc/pki/tls/cert.pem in RedHat-based systems.
#ssl_client_ca_dir =
#ssl_client_ca_file =
# Request client to send a certificate. If you also want to require it, set
# auth_ssl_require_client_cert=yes in auth section.
#ssl_verify_client_cert = no
# Which field from certificate to use for username. commonName and
# x500UniqueIdentifier are the usual choices. You'll also need to set
# auth_ssl_username_from_cert=yes.
#ssl_cert_username_field = commonName
# DH parameters length to use.
ssl_dh_parameters_length = 2048
# SSL protocols to use
-ssl_protocols = !SSLv2
+ssl_protocols = !SSLv2 !SSLv3
# SSL ciphers to use
ssl_cipher_list = HIGH:!SSLv2:!aNULL:!eNULL:!3DES:!MD5:@STRENGTH
# Prefer the server's order of ciphers over client's.
#ssl_prefer_server_ciphers = no
# SSL crypto device to use, for valid values run "openssl engine"
#ssl_crypto_device =
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-17 21:56:29 +0000