Closed fabiopozzi closed 4 years ago
Huh, that's good to know. Overall, I would usually not recommend Modern for a mail server, since you have little control over the clients that connect to you. If you find a solution to this, lemme know and I'll bump the minimum supported Dovecot version for Modern.
In the interim, maybe it's best to say that Dovecot doesn't support Modern?
I agree, I think it's best to say that Dovecot doesn't support Modern for now.
Fixed, thanks again!
https://ssl-config.mozilla.org/#server=dovecot&version=2.3.4.1&config=modern&openssl=1.1.1d&guideline=5.4 recommends setting TLSv1.3 as minimum protocol version with the line:
ssl_min_protocol = TLSv1.3
With this configuration line dovecot 2.3.4.1 fails to start. The issue has already been notified to dovecot developers as I found this email thread: https://www.mail-archive.com/dovecot@dovecot.org/msg80153.html but I haven't found a solution. I am using Debian 10 with Dovecot 2.3.4.1-5+deb10u2 and openssl 1.1.1d-0+deb10u3
Thank you for your work!