I analyzed my box via hardenize.com. According to them tls 1.0 is supported.
My question is, if hardenize.com is correct, why is; First, tls 1.0 supported? and second how can it be deprecated across all future upgrades
Looking for solutions through prior posts I find that the relevant config file is /etc/postfix/main.cf; mine has: smtpd_tls_protocols=!SSLv2,!SSLv3 but then rather confusingly states: smtpd_tls_mandatory_protocols=!SSLv2,!SSLv3,!TLSv1,!TLSv1.1
Someone probably should write a guide on this, but email is not like web browsing. To support older mail servers, and there are many, who don’t support a later standard. It also supports mail without transport encryption, as there are many servers that don’t use encryption.
When you attempt to alter these things, users will complain. Even if in your specific use case you feel this will not be a problem, it will be for many of the 25,000+ users with MiaB installed.