dovecot: prefer client cipher list

All ciphers in TLSv1.2/TLSv1.3 are considered secure, so we can allow the
client to choose the most performant cipher according to their hardware
and software configuration.

This is in line with general recommendations, e.g. by Mozilla[1].

[1] https://wiki.mozilla.org/Security/Server_Side_TLS

mail-server/dovecot.nix

@@ -297,7 +297,7 @@ in
         mail_access_groups = ${vmailGroupName}
         ssl = required
         ssl_min_protocol = TLSv1.2
-        ssl_prefer_server_ciphers = yes
+        ssl_prefer_server_ciphers = no
 
         service lmtp {
           unix_listener dovecot-lmtp {