As some test suite recommendations might be harsher than what is practical I thought I'd check with the people who actually work on Postfix.
1) some test sites say TLS 1.0 should be disabled for NIST compliance. Is that recommended? What about 1.1? 2) is there a page that has up-to-date recommendations on this and items like cipher list settings from the Postfix maintenaners. Thanks for any tips. Sorry if this is basic but I'm a full-time writer, part-time sysop. However I'd rather my system be part of the solution and not part of the problem.
