From:
Rafael Sadowski <rafael@sizeofvoid.org>
Subject:
relayd: use the libtls secure keyword for the default ciphers
To:
tech@openbsd.org
Cc:
Mischa <openbsd@mlst.nl>
Date:
Tue, 16 Jun 2026 08:03:05 +0200

Based on an idea from Mischa, I would like to switch the default
cipher from "HIGH:!aNULL" to "secure", a.k.a.
"TLSv1.3:TLSv1.2+AEAD+ECDHE:TLSv1.2+AEAD+DHE", which selects the stricter
modern set (AEAD ciphers with forward secrecy).

I have replaced the text in the manpage with the "cipher" text from
smtpd.conf.5, which is easier to understand.

In my view it makes sense to mention it in faq/current.html, as some
legacy systems might not work with it?

Rafael

diff --git a/relayd.conf.5 b/relayd.conf.5
index 6e95e9a..93f5e93 100644
--- a/relayd.conf.5
+++ b/relayd.conf.5
@@ -970,14 +970,15 @@ The
 .Ic ca key
 option is specified.
 .El
-.It Ic ciphers Ar string
-Set the string defining the TLS cipher suite.
+.It Cm ciphers Ar cipherstr
+Define the list of ciphers that may be used for TLS sessions.
+Refer to the
+.Xr tls_config_set_ciphers 3
+manpage for the format of
+.Ar cipherstr .
 If not specified, the default value
-.Ql HIGH:!aNULL
-will be used (strong crypto cipher suites without anonymous DH).
-See the CIPHERS section of
-.Xr openssl 1
-for information about TLS cipher suites and preference lists.
+.Ql secure
+will be used.
 .It Ic client ca Ar path
 Require TLS client certificates that can be verified against the CA
 certificates in the specified file.
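Review bot: the new `.It Cm ciphers Ar cipherstr` line is inconsistent with the sibling entries in this list, which use `Ic` (`.It Ic client ca` immediately below, `.Ic ca key` above); keep `.It Ic ciphers Ar cipherstr` unless the rest of the list is switched to `Cm` in the same diff. The rewrite also drops the parenthetical that told the reader what the default means, and `secure` is a libtls keyword rather than a cipher list, so consider a short gloss after `.Ql secure`, e.g. "will be used (TLSv1.3 and TLSv1.2 AEAD cipher suites with forward secrecy)", so that an operator learns without following the tls_config_set_ciphers(3) reference that clients lacking ECDHE/DHE AEAD suites will be refused.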
diff --git a/relayd.h b/relayd.h
index c772300..17ba3b4 100644
--- a/relayd.h
+++ b/relayd.h
@@ -711,7 +711,7 @@ TAILQ_HEAD(relay_rules, relay_rule);
 	"\06\01sslv3\02tlsv1.0\03tlsv1.1\04tlsv1.2\05tlsv1.3"	\
 	"\06cipher-server-preference\07client-renegotiation"
 
-#define TLSCIPHERS_DEFAULT	"HIGH:!aNULL"
+#define TLSCIPHERS_DEFAULT	"secure"
 #define TLSECDHECURVES_DEFAULT	"default"
 #define TLSDHPARAM_DEFAULT	"none"
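Review bot: changing TLSCIPHERS_DEFAULT to "secure" is only correct if the value reaches tls_config_set_ciphers(3), which is what the manpage hunk now points the reader to; this hunk does not show where the define is consumed, so confirm no remaining code path hands it to an OpenSSL cipher-list call, where the keyword "secure" would match nothing. Since the message expects legacy clients to break and proposes a faq/current.html entry, that entry should name the old value "HIGH:!aNULL" as the explicit `ciphers` setting that restores the previous behaviour.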