Cleartext email is even more vulnerable than TLSv1. SMTP is not as exposed to the various CBC issues as is HTTP. There is no urgency to disable TLS1 in SMTP. It'll gradually fade away, but there's no need to explicitly disable it at present.
> On Oct 24, 2018, at 4:25 PM, Daniel Ryšlink <rysl...@dialtelecom.cz> wrote: > > > do not disable tlsv1 > > It was recommended to disable support of TLSv1.0 on 30th June 2018 at the > latest, because it includes vulnerable ciphers. > > https://blog.pcisecuritystandards.org/are-you-ready-for-30-june-2018-sayin-goodbye-to-ssl-early-tls -- Viktor.
