Index: postfix/src/tls/tls_client.c
===================================================================
--- postfix.orig/src/tls/tls_client.c
+++ postfix/src/tls/tls_client.c
@@ -414,6 +414,9 @@ TLS_APPL_STATE *tls_client_init(const TL
     SSL_CTX_set_min_proto_version(client_ctx, 0);
 #endif
 
+    /* Enable all supported protocols */
+    SSL_CTX_set_min_proto_version(client_ctx, 0);
+
     /*
      * Set the call-back routine for verbose logging.
      */
Index: postfix/src/tls/tls_server.c
===================================================================
--- postfix.orig/src/tls/tls_server.c
+++ postfix/src/tls/tls_server.c
@@ -539,6 +539,9 @@ TLS_APPL_STATE *tls_server_init(const TL
     if (protomask != 0)
 	SSL_CTX_set_options(server_ctx, TLS_SSL_OP_PROTOMASK(protomask));
 
+    /* Enable all supported protocols */
+    SSL_CTX_set_min_proto_version(server_ctx, 0);
+
     /*
      * Some sites may want to give the client less rope. On the other hand,
      * this could trigger inter-operability issues, the client should not