Hi, i just finished tuning my dovecot setup after upgrading to 2.3.7.2. I needed to add the "ssl_dh =„ parameter to my config as stated in the online docs at dovecot.org <http://dovecot.org/>. That was no problem and is well documented there and the hint in the log on startup also helped to quickly identify the problem.
After that i was curious and read more and did a lot of research. But i just could not find out how to „omit“ the DH parameter as stated in the online docs: https://doc.dovecot.org/installation_guide/upgrading/from-2.2-to-2.3/ <https://doc.dovecot.org/installation_guide/upgrading/from-2.2-to-2.3/> It says : „Since v2.3.3+ DH parameter usage is optional and can be omitted.“ I trried it in different ways. First i disallowed DH on the ssl_cipher_list like it was suggested in the example in this doc. But it will still give Errors on startup/reload of dovecot. Next i tried ssl_dh = that also did not work. I could not figure out how to „omit“ the DH parameter. Is it just my misinterpretation of the config doc? thanks for clarifying Best regards joerg
