From f3a6f3241e9388034bdc996d904ff3bd0f8be1f6 Mon Sep 17 00:00:00 2001 From: "fox.cpp" Date: Tue, 23 Jul 2024 23:00:11 +0300 Subject: [PATCH] config/tls: Set min TLS version to 1.0 Better to have TLS 1.0 than no encryption at all. Default Go client setting of TLS 1.2 is too restrictive for mail infrastructure with lots of outdated servers. --- framework/config/tls/server.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/framework/config/tls/server.go b/framework/config/tls/server.go index f40b3fd7..4d30d2cc 100644 --- a/framework/config/tls/server.go +++ b/framework/config/tls/server.go @@ -95,7 +95,7 @@ func readTLSBlock(globals map[string]interface{}, blockNode config.Node) (*TLSCo }, &loader) childM.Custom("protocols", false, false, func() (interface{}, error) { - return [2]uint16{0, 0}, nil + return [2]uint16{tls.VersionTLS10, 0}, nil }, TLSVersionsDirective, &tlsVersions) childM.Custom("ciphers", false, false, func() (interface{}, error) {