If you use CSF/LFD with DirectAdmin and run its server security check (CSF/LFD's "Check Server Security"), you may notice the following warning:
Check dovecot weak SSL/TLS Ciphers (ssl_cipher_list)
You can safely ignore this warning.
The firewall checks for the ciphers and protocols in the file /etc/dovecot/dovecot.conf, but this file contains the following include to another file that CSF/LFD doesn't check:
This file contains the cipher and protocol configuration. You can check your Dovecot SSL configuration like so to ensure that strong ciphers and protocols are in use:
grep -i 'protocol\|cipher' /etc/dovecot/conf/ssl.conf
Alternatively, you can scan with nmap to confirm the protocols and ciphers used:
nmap localhost -p 993 --script ssl-enum-ciphers
You can run the above command as the root user via SSH and query localhost as shown, or run it from a remote terminal by replacing 'localhost' with the server IP/hostname or a domain that resolves to the server. The output is a list of protocols and the ciphers supported for each.
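The grep check above shows the settings but leaves judging them to you. The following added example (not part of the original article or of CSF/LFD) reads Dovecot settings on stdin and prints one line per weak value. The function names, the constructed sample and the list of values treated as weak are this example's own assumptions.

```shell
#!/bin/sh
# Added example: flag weak Dovecot TLS settings read from stdin.
# Prints one finding per line and nothing when no weak value is found.
audit_dovecot_tls() {
    awk -F'=' '
    /^[ \t]*#/ { next }                          # skip comment lines
    { key = $1; gsub(/[ \t]/, "", key)           # setting name
      val = $0; sub(/^[^=]*=[ \t]*/, "", val) }  # setting value
    key == "ssl_min_protocol" {                  # Dovecot 2.3 style
        v = val; gsub(/[ \t]/, "", v)
        if (v ~ /^(SSLv3|TLSv1|TLSv1\.1|ANY)$/)
            print "WEAK ssl_min_protocol = " v
    }
    key == "ssl_protocols" {                     # Dovecot 2.2 style
        n = split(val, p, /[ \t]+/); pos = 0
        for (i = 1; i <= n; i++)
            if (p[i] != "" && p[i] !~ /^!/) pos = 1
        m = split("SSLv2 SSLv3 TLSv1 TLSv1.1", w, " ")
        for (j = 1; j <= m; j++) {
            on = !pos          # a negation-only list enables the rest
            for (i = 1; i <= n; i++) {
                if (p[i] == w[j]) on = 1
                if (p[i] == ("!" w[j])) on = 0
            }
            if (on) print "WEAK ssl_protocols leaves " w[j] " enabled"
        }
    }
    key == "ssl_cipher_list" {
        n = split(val, c, /[:, ]+/)
        for (i = 1; i <= n; i++)  # tokens starting with ! or - are exclusions
            if (c[i] !~ /^[!-]/ && toupper(c[i]) ~ /RC4|DES|MD5|NULL|EXP|^LOW$/)
                print "WEAK ssl_cipher_list allows " c[i]
    }'
}

# Constructed sample input (not taken from a real server); it mixes the
# 2.2 and 2.3 setting names so that every rule above is exercised.
sample_weak_conf() {
    cat <<'EOF'
# constructed sample
ssl_min_protocol = TLSv1
ssl_protocols = !SSLv2 !SSLv3
ssl_cipher_list = ECDHE-RSA-AES256-GCM-SHA384:RC4-SHA:!aNULL:!MD5
EOF
}

sample_weak_conf | audit_dovecot_tls
```

On a server, pipe the article's grep command into audit_dovecot_tls, or feed it the output of doveconf -n, which prints the effective settings after includes are resolved.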