diff --git a/roles/mail_server/defaults/main.yml b/roles/mail_server/defaults/main.yml
index 25b4b7a5cd31d9a31aa87d3fbcda893bb3d9bccc..01f6ff4a549772216490b3a342d7d45dd7a75416 100644
--- a/roles/mail_server/defaults/main.yml
+++ b/roles/mail_server/defaults/main.yml
@@ -19,16 +19,3 @@ ECDHE-RSA-CHACHA20-POLY1305:\
 !aNULL:!MD5:!EXPORT"
 mail_message_size_limit: 10240000
 mail_server_smtp_additional_configuration: ""
-
-# Internal use only.
-
-# Map Postfix smtpd allowed protocols based on minimum protocol
-# specified (for use with submission port smtpd instance). A bit
-# repetative, but easy to understand.
-mail_server_smtpd_submission_protocols:
-  SSLv2: ["SSLv2", "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"]
-  SSLv3: ["SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"]
-  TLSv1: ["TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"]
-  TLSv1.1: ["TLSv1.1", "TLSv1.2", "TLSv1.3"]
-  TLSv1.2: ["TLSv1.2", "TLSv1.3"]
-  TLSv1.3: ["TLSv1.3"]
diff --git a/roles/mail_server/templates/master.cf.j2 b/roles/mail_server/templates/master.cf.j2
index 166036fea5fd4d0aa2595d132c7b19c73d0ed308..5282338ace33de2de3d204a7e8b9c7d177ddd68f 100644
--- a/roles/mail_server/templates/master.cf.j2
+++ b/roles/mail_server/templates/master.cf.j2
@@ -152,6 +152,6 @@ submission inet n - y - - smtpd
   -o smtpd_relay_restrictions=
   -o smtpd_sender_restrictions=reject_sender_login_mismatch,permit_sasl_authenticated,reject
   -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
-  -o smtpd_tls_mandatory_protocols={{ mail_server_smtpd_submission_protocols[mail_server_minimum_tls_protocol] | join(',') }}
+  -o smtpd_tls_mandatory_protocols=>={{ mail_server_minimum_tls_protocol }}
   -o smtpd_tls_mandatory_ciphers=high
   -o tls_high_cipherlist={{ mail_server_tls_ciphers }}
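Review bot: The `>=` minimum-protocol syntax on the new `smtpd_tls_mandatory_protocols` line in master.cf.j2 is only understood by Postfix 3.6 and later; on an older Postfix the value is an unrecognised protocol name, and as far as I recall Postfix then logs an invalid-protocol-list warning and disables TLS on that listener instead of failing closed, so the submission service would silently lose TLS. The removed `mail_server_smtpd_submission_protocols` lookup also validated `mail_server_minimum_tls_protocol` against six known names at template-render time, and that implicit check is gone, so a typo now reaches Postfix unverified. Consider documenting the Postfix 3.6 minimum in the role's README/meta and adding an early `ansible.builtin.assert` with `that: mail_server_minimum_tls_protocol in ['TLSv1', 'TLSv1.1', 'TLSv1.2', 'TLSv1.3']` so a bad value fails the play rather than weakening the listener. The `submission` service stanza this `-o` option belongs to starts above the hunk.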