Skip to content

GH-332 updates syntax for dovecot >= 2.4.0#341

Closed
aw-engineer wants to merge 1 commit intomozilla:masterfrom
aw-engineer:dovecot_2.4.0
Closed

GH-332 updates syntax for dovecot >= 2.4.0#341
aw-engineer wants to merge 1 commit intomozilla:masterfrom
aw-engineer:dovecot_2.4.0

Conversation

@aw-engineer
Copy link
Copy Markdown
Contributor

@aw-engineer aw-engineer commented Sep 7, 2025
edited
Loading

summary

  • updated syntax for dovecot >= 2.4.0
  • reformatted dovecot.js with $ npx standard src/js/helpers/dovecot.js --fix

example output

2.4.0

modern 
# generated 2025-09-07, Mozilla Guideline v5.7, Dovecot 2.4.0, OpenSSL 3.4.0, modern config
# http://localhost:5500/#server=dovecot&version=2.4.0&config=modern&openssl=3.4.0&guideline=5.7

ssl = required
ssl_server_cert_file = /path/to/signed_cert_plus_intermediates
ssl_server_key_file = /path/to/private_key

# modern configuration
ssl_min_protocol = TLSv1.3
ssl_server_prefer_ciphers = client
ssl_curve_list = X25519:prime256v1:secp384r1
intermediate 
# generated 2025-09-07, Mozilla Guideline v5.7, Dovecot 2.4.0, OpenSSL 3.4.0, intermediate config
# http://localhost:5500/#server=dovecot&version=2.4.0&config=intermediate&openssl=3.4.0&guideline=5.7

ssl = required
ssl_server_cert_file = /path/to/signed_cert_plus_intermediates
ssl_server_key_file = /path/to/private_key

# intermediate configuration
ssl_min_protocol = TLSv1.2
ssl_server_prefer_ciphers = client
ssl_curve_list = X25519:prime256v1:secp384r1
ssl_cipher_list = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305
old 
# generated 2025-09-07, Mozilla Guideline v5.7, Dovecot 2.4.0, OpenSSL 3.4.0, old config
# http://localhost:5500/#server=dovecot&version=2.4.0&config=old&openssl=3.4.0&guideline=5.7

ssl = required
ssl_server_cert_file = /path/to/signed_cert_plus_intermediates
ssl_server_key_file = /path/to/private_key

# old configuration
ssl_min_protocol = TLSv1
ssl_server_prefer_ciphers = server
ssl_curve_list = X25519:prime256v1:secp384r1
ssl_cipher_list = @SECLEVEL=0:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA

2.3.21

modern 
# generated 2025-09-07, Mozilla Guideline v5.7, Dovecot 2.3.21, OpenSSL 3.4.0, modern config
# http://localhost:5500/#server=dovecot&version=2.3.21&config=modern&openssl=3.4.0&guideline=5.7

ssl = required
ssl_cert = </path/to/signed_cert_plus_intermediates
ssl_key = </path/to/private_key

# modern configuration
ssl_min_protocol = TLSv1.3
ssl_prefer_server_ciphers = no
ssl_curve_list = X25519:prime256v1:secp384r1
intermediate 
# generated 2025-09-07, Mozilla Guideline v5.7, Dovecot 2.3.21, OpenSSL 3.4.0, intermediate config
# http://localhost:5500/#server=dovecot&version=2.3.21&config=intermediate&openssl=3.4.0&guideline=5.7

ssl = required
ssl_cert = </path/to/signed_cert_plus_intermediates
ssl_key = </path/to/private_key

# curl http://localhost:5500/ffdhe2048.txt > /path/to/dhparam
ssl_dh = </path/to/dhparam

# intermediate configuration
ssl_min_protocol = TLSv1.2
ssl_prefer_server_ciphers = no
ssl_curve_list = X25519:prime256v1:secp384r1
ssl_cipher_list = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305
old 
# generated 2025-09-07, Mozilla Guideline v5.7, Dovecot 2.3.21, OpenSSL 3.4.0, old config
# http://localhost:5500/#server=dovecot&version=2.3.21&config=old&openssl=3.4.0&guideline=5.7

ssl = required
ssl_cert = </path/to/signed_cert_plus_intermediates
ssl_key = </path/to/private_key

# openssl dhparam 1024 > /path/to/dhparam
ssl_dh = </path/to/dhparam

# old configuration
ssl_min_protocol = TLSv1
ssl_prefer_server_ciphers = yes
ssl_curve_list = X25519:prime256v1:secp384r1
ssl_cipher_list = @SECLEVEL=0:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA

@aw-engineer
mozillaGH-332 updates syntax for dovecot >= 2.4.0
0ce8673 
reformatted dovecot.js with
$ npx standard src/js/helpers/dovecot.js --fix
@gstrauss
Copy link
Copy Markdown
Collaborator

gstrauss commented Mar 21, 2026
edited
Loading

Thank you for the patch and sorry for the long delay in review.

Please keep formatting changes in separate patches, and prefer to match existing formatting.

@gstrauss gstrauss closed this in 41a7773 Mar 21, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@aw-engineer @gstrauss