On 28 Oct 2019, at 08:45, Fourhundred Thecat <400the...@gmx.ch> wrote:
> setting ssl_prefer_server_ciphers=yes did the trick. Now my imap client
> uses ECDHE-RSA-AES256-SHA
Now go turn off TLSv1
--
At night when the bars close down
Brandy walks through a silent town
And loves a man who's not
: dovecot@dovecot.org
Sent: October 28, 2019 7:13 AM
To: dovecot@dovecot.org
Reply-to: 400the...@gmx.ch
Subject: changing cipher for imap clients
When my client connects, I see this in my log:
dovecot: imap-login: TLSv1 with cipher ECDHE-RSA-AES128-SHA (128/128
bits)
Whereas, when client connects
> On 2019-10-28 15:36, Aki Tuomi wrote:
> Also, you could try the *default* cipher list (unset ssl_cipher_list), which
> is reasonable. Also make sure you have 'ssl_prefer_server_ciphers=yes', so
> that the server-side priority list is used.
setting ssl_prefer_server_ciphers=yes did the trick.
> On 28/10/2019 16:12 Fourhundred Thecat via dovecot
> wrote:
>
>
> When my client connects, I see this in my log:
>
> dovecot: imap-login: TLSv1 with cipher ECDHE-RSA-AES128-SHA (128/128
> bits)
>
> Whereas, when client connects to my postfix server, I see:
>
> Anonymous TLS
When my client connects, I see this in my log:
dovecot: imap-login: TLSv1 with cipher ECDHE-RSA-AES128-SHA (128/128
bits)
Whereas, when client connects to my postfix server, I see:
Anonymous TLS connection established from * TLSv1 with cipher
ECDHE-RSA-AES256-SHA (256/256 bits)
how can I