Support for old SSL protocols and Ciphers

Use case

I have some old devices (Ipads) that are used by me and family members to read recipes while cooking. They are not used for anything else, as they are as insecure as they come because they are stuck on iOS 6 and 8.

In order to get PDFs onto the Ipads we are using Emails to dedicated mail addresses.

Current problem

IMAP on 143

Sep 14 16:08:23 host dovecot[62006]: imap-login: Disconnected: Aborted login by logging out (no auth attempts in 0 secs): user=<>, rip=device_ip, lip=server_ip, session=<HW+s4lMFgPA+mRDp>

IMAP on 993

Sep 14 16:09:16 host dovecot[62006]: imap-login: Disconnected: Connection closed: SSL_accept() failed: error:0A000102:SSL routines::unsupported protocol (no auth attempts in 0 secs): user=<>, rip=device_ip, lip=server_ip, TLS handshaking: SSL_accept() failed: error:0A000102:SSL routines::unsupported protocol, session=<xpHS9VMFjcA+mRDp>

Possible solution

Making https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/blob/master/mail-server/dovecot.nix?ref_type=heads#L253 configurable with the default being the current value could support weird use cases such as this one.