postfix: restrict TLS signing algorithms

Prunes the list preset and removes SHA-1 to restore compatibility with
NCSC TLS security guidelines.

mail-server/postfix.nix

@@ -420,9 +420,6 @@ in
         smtp_tls_exclude_ciphers = "SHA1, eNULL, aNULL";
         smtp_tls_mandatory_exclude_ciphers = "SHA1, eNULL, aNULL";
 
-        # Restrict and prioritize the following curves in the given order
-        # Excludes curves that have no widespread support, so we don't bloat the handshake needlessly.
-        # https://www.postfix.org/postconf.5.html#tls_eecdh_auto_curves
         tls_config_file =
           let
             mkGroupString = groups: concatStringsSep " / " (map (concatStringsSep ":") groups);
@@ -432,14 +429,44 @@ in
             sections = {
               postfix_settings.ssl_conf = "postfix_ssl_settings";
               postfix_ssl_settings.system_default = "baseline_postfix_settings";
-              baseline_postfix_settings.Groups = mkGroupString [
-                [ "*X25519MLKEM768" ]
-                [ "*X25519" ]
-                [
-                  "P-256"
-                  "P-384"
-                ]
-              ];
+              baseline_postfix_settings = {
+                # Full list: openssl list -tls-groups
+                # Restrict and prioritize the following curves in the given order
+                # Excludes curves that have no widespread support, so we don't bloat the handshake needlessly.
+                # https://www.postfix.org/postconf.5.html#tls_eecdh_auto_curves
+                Groups = mkGroupString [
+                  [ "*X25519MLKEM768" ]
+                  [ "*X25519" ]
+                  [
+                    "P-256"
+                    "P-384"
+                  ]
+                ];
+                SignatureAlgorithms = concatStringsSep ":" [
+                  # Full list: openssl list -tls-signature-algorithms
+                  # Reduced to algorithms with key material supported in CA/B
+                  # baseline requirements and excluding deprecated algorithms
+                  # like SHA1.
+
+                  # EcDSA certificates
+                  # https://cabforum.org/working-groups/server/baseline-requirements/requirements/#71312-ecdsa
+                  "ecdsa_secp256r1_sha256"
+                  "ecdsa_secp384r1_sha384"
+                  "ecdsa_secp521r1_sha512"
+
+                  # RSA certificates
+                  # https://cabforum.org/working-groups/server/baseline-requirements/requirements/#71311-rsa
+                  "rsa_pss_rsae_sha256"
+                  "rsa_pss_rsae_sha384"
+                  "rsa_pss_rsae_sha512"
+                  "rsa_pss_pss_sha256"
+                  "rsa_pss_pss_sha384"
+                  "rsa_pss_pss_sha512"
+                  "rsa_pkcs1_sha256"
+                  "rsa_pkcs1_sha384"
+                  "rsa_pkcs1_sha512"
+                ];
+              };
             };
           };
         tls_config_name = "postfix";