Hi,

In my Centos-8 server, it was not necessary using  "Options = ServerPreference" parameter.

My openssl.conf look like that :

openssl_conf = default_modules
[ default_modules ]
ssl_conf = ssl_module
[ ssl_module ]
system_default = crypto_policy
[ crypto_policy ]
.include /etc/crypto-policies/back-ends/opensslcnf.config

And /etc/crypto-policies/back-ends/opensslcnf.config :

CipherString = @SECLEVEL=2:kEECDH:kRSA:kEDH:kPSK:kDHEPSK:kECDHEPSK:-aDSS:-3DES:!DES:!RC4:!RC2:!IDEA:-SEED:!eNULL:!aNULL:!MD5:-SHA384:-CAMELLIA:-ARIA:-AESCCM8
Ciphersuites = TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:TLS_AES_128_CCM_SHA256
MinProtocol = TLSv1.1
MaxProtocol = TLSv1.3

Regards

Le jeu. 1 oct. 2020 à 17:29, PGNet Dev <pgnet.dev@gmail.com> a écrit :

hi,

On 10/1/20 12:21 AM, JEAN-PAUL CHAPALAIN wrote:
> I had the same problem when migrating from Dovecot V2.2.36 on, Centos-7 to Dovecot v2.3.8 on Centos-8

My report is specifically/solely about the addition/use of the

        Options = ServerPreference

parameter.

I don't see that in your configuration.

Are you using it? In a config using Dovecot's submission proxy?

--

--  Jean-Paul Chapalain - Arkea - DEXT/IAAS
--  1 rue Louis Lichou - Le Relecq-Kerhuon - 29808 Brest Cedex 9, FRANCE
--  +33298002873 (int:302873)
--  Pgpkey=9f7a25a76f7e036a2c07fcb16eccd41c015d5fca