diff options
| author | Silvio Rhatto <rhatto@riseup.net> | 2013-07-16 17:47:31 -0300 |
|---|---|---|
| committer | Silvio Rhatto <rhatto@riseup.net> | 2013-07-16 17:47:31 -0300 |
| commit | 5a5d24da9269fff45377c0ec2170cb89846769f7 (patch) | |
| tree | d4440efac7e05dbc641b484e953b461baeca2931 /templates | |
| parent | c180e9c974ce638052664c135cc99b912538e99a (diff) | |
| download | puppet-mail-5a5d24da9269fff45377c0ec2170cb89846769f7.tar.gz puppet-mail-5a5d24da9269fff45377c0ec2170cb89846769f7.tar.bz2 | |
Trying a more restrictive cipher suite for dovecot
Diffstat (limited to 'templates')
| -rw-r--r-- | templates/dovecot/dovecot.conf.squeeze.erb | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/templates/dovecot/dovecot.conf.squeeze.erb b/templates/dovecot/dovecot.conf.squeeze.erb index 705d868..c9b092c 100644 --- a/templates/dovecot/dovecot.conf.squeeze.erb +++ b/templates/dovecot/dovecot.conf.squeeze.erb @@ -120,7 +120,8 @@ ssl_key_file = /etc/ssl/private/cert.pem #ssl_parameters_regenerate = 168 # SSL ciphers to use -ssl_cipher_list = ALL:!LOW:!SSLv2 +# See http://www.virtualmin.com/node/25057 +ssl_cipher_list = HIGH:!LOW:!MEDIUM:!MD5:!SSL2:!EXP-ADH-DES-CBC-SHA:!EXP-EDH-RSA-DES-CBC-SHA:!EXP-DES-CBC-SHA:!EXP-EDH-RSA-DES-CBC-SHA:!EXP-ADH-DES-CBC-SHA:!EXP-DES-CBC-SHA:!ADH-AES256-SHA:!ADH-AES128-SHA:!ADH-DES-CBC3-SHA:!EXP-ADH-DES-CBC-SHA:!EXP-ADH-DES-CBC-SHA:!ADH-DES-CBC3-SHA:+TLSv1:+SSLv3:!SSLv2:+TLSv1.1:+TLSv1.2 # Show protocol level SSL errors. #verbose_ssl = no |