Increase security of postfix smtp tls ciphers, that is sending email to other smtp servers using encryption

roles/mailserver/templates/etc_postfix_main.cf.j2

 smtpd_tls_received_header = yes
 smtp_tls_note_starttls_offer = yes
 smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
+# http://www.postfix.org/FORWARD_SECRECY_README.html
+smtp_tls_ciphers = medium
+
 
 smtpd_sasl_type = dovecot
 smtpd_sasl_path = private/auth