aither/simple-nixos-mailserver
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Allow TLSv1 for compatibility with older devices

Browse Source
This commit is contained in:
Jakub Skokan
2020-10-28 21:41:00 +01:00
parent 23f0a53ca6
commit f6aa7e2b18
2 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
mail-server/dovecot.nix
View File

@@ -360,7 +360,7 @@ in
# https://ssl-config.mozilla.org/#server=dovecot&version=2.3.21&config=intermediate&openssl=3.4.1&guideline=5.7 # https://ssl-config.mozilla.org/#server=dovecot&version=2.3.21&config=intermediate&openssl=3.4.1&guideline=5.7
ssl = required ssl = required
ssl_min_protocol = TLSv1.2 ssl_min_protocol = TLSv1
ssl_prefer_server_ciphers = no ssl_prefer_server_ciphers = no
ssl_curve_list = X25519MLKEM768:X25519:prime256v1:secp384r1 ssl_curve_list = X25519MLKEM768:X25519:prime256v1:secp384r1

4
mail-server/postfix.nix
View File

@@ -375,8 +375,8 @@ in
smtpd_tls_auth_only = true; smtpd_tls_auth_only = true;
# TLS versions supported for the SMTP server # TLS versions supported for the SMTP server
smtpd_tls_protocols = ">=TLSv1.2"; smtpd_tls_protocols = ">=TLSv1";
smtpd_tls_mandatory_protocols = ">=TLSv1.2"; smtpd_tls_mandatory_protocols = ">=TLSv1";
# Require ciphersuites that OpenSSL classifies as "High" # Require ciphersuites that OpenSSL classifies as "High"
smtpd_tls_ciphers = "high"; smtpd_tls_ciphers = "high";