disable tls session tickets to workaround deliverability issues with incoming email from microsoft

for issue #237
2024-12-26 00:13:47 +03:00 · 2024-11-06 10:19:23 +01:00 · 2024-11-06 10:19:23 +01:00 · 22c8911bf3
commit 22c8911bf3
parent 76f7b9ebf6
2 changed files with 3 additions and 1 deletions
--- a/autotls/autotls.go
+++ b/autotls/autotls.go
@ -229,6 +229,7 @@ func (m *Manager) TLSConfig(fallbackHostname dns.Domain, fallbackNoSNI, fallback
 		GetCertificate: func(hello *tls.ClientHelloInfo) (*tls.Certificate, error) {
 			return m.loggingGetCertificate(hello, fallbackHostname, fallbackNoSNI, fallbackUnknownSNI)
 		},
+		SessionTicketsDisabled: true,
 	}
 }

--- a/mox-/config.go
+++ b/mox-/config.go
@ -1920,7 +1920,8 @@ func loadTLSKeyCerts(configFile, kind string, ctls *config.TLS) error {
 		certs = append(certs, cert)
 	}
 	ctls.Config = &tls.Config{
-		Certificates: certs,
+		Certificates:           certs,
+		SessionTicketsDisabled: true,
 	}
 	ctls.ConfigFallback = ctls.Config
 	return nil