Verified Commit 1fae9c3d authored by Florian Pritz's avatar Florian Pritz
Browse files

dovecot: Update config for 2.3



Signed-off-by: Florian Pritz's avatarFlorian Pritz <bluewind@xinu.at>
parent 4d4f7d30
......@@ -3,6 +3,9 @@
- name: install dovecot
pacman: name=dovecot,pigeonhole state=present
- name: create dhparam
shell: openssl dhparam -out /etc/dovecot/dh.pem 4096 creates=/etc/dovecot/dh.pem
- name: install dovecot.conf
template: src=dovecot.conf.j2 dest=/etc/dovecot/dovecot.conf owner=root group=root mode=0644
notify:
......
......@@ -86,7 +86,8 @@ login_log_format_elements = "user=<%u> method=%m rip=%r lip=%l mpid=%e %c %k"
ssl_cert = </etc/letsencrypt/live/{{mail_domain}}/fullchain.pem
ssl_key = </etc/letsencrypt/live/{{mail_domain}}/privkey.pem
ssl_prefer_server_ciphers = yes
ssl_protocols = !SSLv3
ssl_protocol_min = TLSv1
ssl_dh=</etc/dovecot/dh.pem
ssl_options = no_compression
ssl_cipher_list = EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment