From b5c844d70496aa01dd1ff31e64db79c87926aa77 Mon Sep 17 00:00:00 2001
From: andryyy <andre.peters@debinux.de>
Date: Wed, 12 Feb 2020 10:36:54 +0100
Subject: [PATCH] [Postfix] IMPORTANT: Disabling TLS 1.0 and 1.1 for submission
 and smtps

---
 data/conf/postfix/main.cf | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/data/conf/postfix/main.cf b/data/conf/postfix/main.cf
index 8104db52..d31702e7 100644
--- a/data/conf/postfix/main.cf
+++ b/data/conf/postfix/main.cf
@@ -192,8 +192,9 @@ postscreen_discard_ehlo_keywords = silent-discard, dsn
 compatibility_level = 2
 smtputf8_enable = yes
 # Define protocols for SMTPS and submission service
-submission_smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
-smtps_smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
+submission_smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
+smtps_smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
+
 smtpd_client_recipient_rate_limit = 50
 
 # DO NOT EDIT ANYTHING BELOW #