At 07:04 AM 1/6/2021, Paul Heinlein wrote: >On Wed, 6 Jan 2021, Kenneth Porter wrote: > >>--On Tuesday, January 05, 2021 7:40 PM -0800 david <david at daku.org> wrote: >> >>>In examining the file >>> /etc/dovecot/conf.d/10-ssl.conf >>>I see the text line: >>> ssl_cipher_list = PROFILE=SYSTEM >>>Yet, I cannot find any documentation that explains what that causes, >>>where the values are stored. I ask because I don't see that text line in >>>other installations of Dovecot 2.3 on other distros. Can anyone point me >>>to an explanation? >> >>The value of ssl_cipher_list is passed directly to OpenSSL's >>SSL_CTX_set_cipher_list(): >> >><https://www.openssl.org/docs/man1.0.2/man3/SSL_CTX_set_cipher_list.html> >> >>See here for the meaning of PROFILE=SYSTEM: >> >><https://fedoraproject.org/wiki/Changes/CryptoPolicy#Scope> > >Additionally, on your local system, look at > >* the crypto-policies(7) man page >* the update-crypto-policies(8) man page >* the contents of the /etc/crypto-policies directory tree > >Several applications use these policies, so it's worthwhile to take >a look around. > >-- >>>If only there had been a comment in the file /etc/dovecot/conf.d/10-ssl.conf Thanks for the guidance David