I noticed a similar/same discussion back on Aug 14th titled force ciphers order for clients. However from that thread I can't find quite what I'm after.

From my testing of dovecot 2.1.6, by default it appears to honor the clients cipher list order for SSL/TLS connections.

I can't find any documentation on dovecot providing a setting like Apache HTTPDs to either honor the client or server cipher list i.e. SSLHonorCipherOrder.

Do newer versions (> 2.1.6) of dovecot either make this configurable or force honoring of the servers cipher list order? Or is the cipher selection a function that openssl performs? The version of openssl in use is 1.0.1e-fips.

Thanks Phillip