config/tls: Set min TLS version to 1.0

Better to have TLS 1.0 than no encryption at all. Default Go client setting of TLS 1.2 is too restrictive for mail infrastructure with lots of outdated servers.
foxcpp · Jul 23, 2024 · f3a6f32 · f3a6f32
1 parent 1d6cd8c
commit f3a6f32
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/framework/config/tls/server.go b/framework/config/tls/server.go
@@ -95,7 +95,7 @@ func readTLSBlock(globals map[string]interface{}, blockNode config.Node) (*TLSCo
 	}, &loader)
 
 	childM.Custom("protocols", false, false, func() (interface{}, error) {
-		return [2]uint16{0, 0}, nil
+		return [2]uint16{tls.VersionTLS10, 0}, nil
 	}, TLSVersionsDirective, &tlsVersions)
 
 	childM.Custom("ciphers", false, false, func() (interface{}, error) {