From 4189017a3a443758613ecc2521d01198cd1616e7 Mon Sep 17 00:00:00 2001
From: thom <thom@amsterdamtech.nl>
Date: Mon, 10 Aug 2020 12:30:01 +0200
Subject: [PATCH] Add ssl_protocols for backwards compatibility (#5423)

---
 install/tpl/debian6_dovecot2.conf.master | 1 +
 1 file changed, 1 insertion(+)

diff --git a/install/tpl/debian6_dovecot2.conf.master b/install/tpl/debian6_dovecot2.conf.master
index ce27f2376e..1080eeb559 100644
--- a/install/tpl/debian6_dovecot2.conf.master
+++ b/install/tpl/debian6_dovecot2.conf.master
@@ -7,6 +7,7 @@ mail_privileged_group = vmail
 ssl_cert = </etc/postfix/smtpd.cert
 ssl_key = </etc/postfix/smtpd.key
 ssl_dh = </etc/dovecot/dh.pem
+ssl_protocols = !SSLv2 !SSLv3 !TLSv1 !TLSv1.1
 ssl_min_protocol = TLSv1.2
 ssl_cipher_list = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
 ssl_prefer_server_ciphers = no
-- 
GitLab