aither/simple-nixos-mailserver
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Allow TLSv1 for compatibility with older devices

Browse Source
This commit is contained in:
Jakub Skokan
2020-10-28 21:41:00 +01:00
parent 6c11ff592e
commit af9fc4c519
2 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
mail-server/dovecot.nix
+1 -1
View File
@@ -292,7 +292,7 @@ in
ssl_server_key_file = x509PrivateKeyFile;
# https://ssl-config.mozilla.org/#server=dovecot&version=2.3.21&config=intermediate&openssl=3.4.1&guideline=5.7
ssl = "required";
ssl_min_protocol = "TLSv1.2";
ssl_min_protocol = "TLSv1";
ssl_server_prefer_ciphers = "client";
ssl_cipher_list = lib.concatStringsSep ":" [
# TLS1.3
mail-server/postfix.nix
+2 -2
View File
@@ -392,8 +392,8 @@ in
smtpd_tls_auth_only = true;
# TLS versions supported for the SMTP server
smtpd_tls_protocols = ">=TLSv1.2";
smtpd_tls_mandatory_protocols = ">=TLSv1.2";
smtpd_tls_protocols = ">=TLSv1";
smtpd_tls_mandatory_protocols = ">=TLSv1";
# Require ciphersuites that OpenSSL classifies as "High"
smtpd_tls_ciphers = "high";