disable tls session tickets to workaround deliverability issues with incoming email from microsoft

for issue #237
This commit is contained in:
Mechiel Lukkien 2024-11-06 10:19:23 +01:00
parent 76f7b9ebf6
commit 22c8911bf3
No known key found for this signature in database
2 changed files with 3 additions and 1 deletions

View file

@ -229,6 +229,7 @@ func (m *Manager) TLSConfig(fallbackHostname dns.Domain, fallbackNoSNI, fallback
GetCertificate: func(hello *tls.ClientHelloInfo) (*tls.Certificate, error) {
return m.loggingGetCertificate(hello, fallbackHostname, fallbackNoSNI, fallbackUnknownSNI)
},
SessionTicketsDisabled: true,
}
}

View file

@ -1921,6 +1921,7 @@ func loadTLSKeyCerts(configFile, kind string, ctls *config.TLS) error {
}
ctls.Config = &tls.Config{
Certificates: certs,
SessionTicketsDisabled: true,
}
ctls.ConfigFallback = ctls.Config
return nil