From 0bde6546165384d6cd4d3c56b597d2102f5729d3 Mon Sep 17 00:00:00 2001
From: Christoph <ckubu@oopen.de>
Date: Mon, 13 Nov 2023 09:25:54 +0100
Subject: [PATCH] install_postfix_advanced.sh: exclude TLSv1 for smtp server
 and TLSv1 and TLSv1.1 for smtp client.

---
 install_postfix_advanced.sh | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/install_postfix_advanced.sh b/install_postfix_advanced.sh
index a0ccbe1..f576533 100755
--- a/install_postfix_advanced.sh
+++ b/install_postfix_advanced.sh
@@ -1828,22 +1828,22 @@ smtp_tls_CAfile = $_TLS_CA_FILE
 # 
 # List of TLS protocols that the Postfix SMTP server will exclude or  
 # include with opportunistic TLS encryption.  
-smtpd_tls_protocols = !SSLv2, !SSLv3
+smtpd_tls_protocols = !SSLv2, !SSLv3, !TLSv1
 # 
 # The SSL/TLS protocols accepted by the Postfix SMTP server  
 # with mandatory TLS encryption. 
-smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
+smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1
 
 
 # Disable SSLv2 SSLv3 - Postfix SMTP client 
 #  
 # List of TLS protocols that the Postfix SMTP client will exclude or  
 # include with opportunistic TLS encryption.  
-smtp_tls_protocols = !SSLv2, !SSLv3
+smtp_tls_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
 # 
 # List of SSL/TLS protocols that the Postfix SMTP client will use  
 # with mandatory TLS encryption 
-smtp_tls_mandatory_protocols = !SSLv2, !SSLv3
+smtp_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
 
 
 ## - Activate des "Ephemeral Elliptic Curve Diffie-Hellman" (EECDH) key exchange