Am 14.11.18 um 20:22 schrieb Aki Tuomi:
> Not possible I'm afraid.
Hello Aki,
is it not possible in 2.2.36 or not possible at all?
I stumbled upon RFC 8314 *) and I found it a welcome option to enforce more
modern protocols/ciphers.
IMAPS/SUBMISSIONS aren't used widely (at least to my knowlege, many postmaster
used to configure IMAP+SUBMISSION and STARTTLS)
Switching Clients to complete new ports is a chance to separate and dry out
legacy MUA's
I just tried this but that's no valid syntax tough:
service imap-login {
inet_listener imap {
port = 143
# using default protocols and ciphers...
}
inet_listener imaps {
port = 993
ssl_protocols = TLSv1.2 TLSv1.3
ssl_cipher_list = ...
}
}
Postfix let me easily define different TLS protocols on different ports.
For that it would be cool if dovecot could assist on such migrations, too.
Andreas
*) see https://tools.ietf.org/html/rfc8314
as well as the draft
https://tools.ietf.org/html/draft-lvelvindron-tls-for-email-02 to deprecate
TLSv1.1
