Files
@ 004a2ec1b5a9
Branch filter:
Location: majic-ansible-roles/roles/mail_server/defaults/main.yml - annotation
004a2ec1b5a9
775 B
text/x-yaml
MAR-230: Add support for TLSv1.3 to the mail_server role:
- Tests/support for older versions have already been dropped
previously.
- Document the specifics of TLSv1.3 cipher configuration.
- Update tests. The DH param test is now applicable only for the
mandatory parameter test servers.
- Tests/support for older versions have already been dropped
previously.
- Document the specifics of TLSv1.3 cipher configuration.
- Update tests. The DH param test is now applicable only for the
mandatory parameter test servers.
e838bcb94a9e e838bcb94a9e b0c92677ba93 e838bcb94a9e e838bcb94a9e e838bcb94a9e ddfeb485fb84 3bd270c9e860 111e954e826d f344ed6181a9 24120c68c6b4 004a2ec1b5a9 004a2ec1b5a9 004a2ec1b5a9 c2f446ec7e2a c2f446ec7e2a c2f446ec7e2a c2f446ec7e2a c2f446ec7e2a c2f446ec7e2a c2f446ec7e2a 004a2ec1b5a9 004a2ec1b5a9 004a2ec1b5a9 c2f446ec7e2a 35fff2909917 f425c5d31475 | ---
enable_backup: false
mail_user: vmail
imap_folder_separator: "/"
smtp_rbl: []
mail_postmaster: "postmaster@{{ ansible_domain }}"
smtp_allow_relay_from: []
local_mail_aliases: {}
imap_max_user_connections_per_ip: 10
mail_server_minimum_tls_protocol: "TLSv1.2"
# TLS_* ciphers are mandated by the TLSv1.3-related standards and
# cannot be disabled when TLSv1.3 is enabled on the server.
mail_server_tls_ciphers: "\
DHE-RSA-AES128-GCM-SHA256:\
DHE-RSA-AES256-GCM-SHA384:\
DHE-RSA-CHACHA20-POLY1305:\
ECDHE-RSA-AES128-GCM-SHA256:\
ECDHE-RSA-AES256-GCM-SHA384:\
ECDHE-RSA-CHACHA20-POLY1305:\
TLS_AES_128_GCM_SHA256:\
TLS_AES_256_GCM_SHA384:\
TLS_CHACHA20_POLY1305_SHA256:\
!aNULL:!MD5:!EXPORT"
mail_message_size_limit: 10240000
mail_server_smtp_additional_configuration: ""
|