mirror/docker-mailserver.docker-mailserver
1
0
Fork 0
mirror of https://github.com/docker-mailserver/docker-mailserver.git synced 2025-07-30 23:54:46 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

docs: Revise TLS_LEVEL ENV description (#4482)

Browse source
This commit is contained in:
Brennan Kinney 2025-05-21 21:06:32 +12:00 committed by GitHub
parent a0e0013260
commit e5728cf7b6
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 15 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

13
docs/content/config/environment.md
View file

@ -198,8 +198,16 @@ Please read [the SSL page in the documentation][docs-tls] for more information.
##### TLS_LEVEL
- **empty** => modern
- modern => Enables TLSv1.2 and modern ciphers only. (default)
- intermediate => Enables TLSv1, TLSv1.1 and TLSv1.2 and broad compatibility ciphers.
- `modern` => Limits the cipher suite to secure ciphers only.
- `intermediate` => Relaxes security by adding additional ciphers for broader compatibility.
!!! info
In both cases TLS v1.2 is the minimum protocol version supported.
!!! note
Prior to DMS v12.0, `TLS_LEVEL=intermediate` additionally supported TLS versions 1.0 and 1.1. If you still have legacy devices that can only use these versions of TLS, please follow [this workaround advice][gh-issue::tls-legacy-workaround].
##### SPOOF_PROTECTION
@ -1174,3 +1182,4 @@ Provide the credentials to use with `RELAY_HOST` or `DEFAULT_RELAY_HOST`.
[postfix-config::relayhost]: https://www.postfix.org/postconf.5.html#relayhost
[postfix-config::relayhost_maps]: https://www.postfix.org/postconf.5.html#sender_dependent_relayhost_maps
[postfix-config::sasl_passwd]: https://www.postfix.org/postconf.5.html#smtp_sasl_password_maps
[gh-issue::tls-legacy-workaround]: https://github.com/docker-mailserver/docker-mailserver/pull/2945#issuecomment-1949907964