From f6aa7e2b1872855876c8c962943ac268522d449d Mon Sep 17 00:00:00 2001
From: Jakub Skokan <jakub.skokan@havefun.cz>
Date: Wed, 28 Oct 2020 21:41:00 +0100
Subject: [PATCH] Allow TLSv1 for compatibility with older devices

---
 mail-server/dovecot.nix | 2 +-
 mail-server/postfix.nix | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/mail-server/dovecot.nix b/mail-server/dovecot.nix
index b3feeaa..863ced6 100644
--- a/mail-server/dovecot.nix
+++ b/mail-server/dovecot.nix
@@ -360,7 +360,7 @@ in
 
         # https://ssl-config.mozilla.org/#server=dovecot&version=2.3.21&config=intermediate&openssl=3.4.1&guideline=5.7
         ssl = required
-        ssl_min_protocol = TLSv1.2
+        ssl_min_protocol = TLSv1
         ssl_prefer_server_ciphers = no
         ssl_curve_list = X25519MLKEM768:X25519:prime256v1:secp384r1
 
diff --git a/mail-server/postfix.nix b/mail-server/postfix.nix
index 2d0c56a..562c4b0 100644
--- a/mail-server/postfix.nix
+++ b/mail-server/postfix.nix
@@ -375,8 +375,8 @@ in
         smtpd_tls_auth_only = true;
 
         # TLS versions supported for the SMTP server
-        smtpd_tls_protocols = ">=TLSv1.2";
-        smtpd_tls_mandatory_protocols = ">=TLSv1.2";
+        smtpd_tls_protocols = ">=TLSv1";
+        smtpd_tls_mandatory_protocols = ">=TLSv1";
 
         # Require ciphersuites that OpenSSL classifies as "High"
         smtpd_tls_ciphers = "high";