From d0b8de72e4ba788ec8e133317a3432336eb7d868 Mon Sep 17 00:00:00 2001
From: kaiyou <pierre@jaury.eu>
Date: Sun, 17 Dec 2017 15:09:10 +0100
Subject: [PATCH] Do not deny HTTP access upon TLS error when the flavor is
 mail

---
 core/nginx/conf/nginx.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/nginx/conf/nginx.conf b/core/nginx/conf/nginx.conf
index ecc20e01..d6436170 100644
--- a/core/nginx/conf/nginx.conf
+++ b/core/nginx/conf/nginx.conf
@@ -62,7 +62,7 @@ http {
       {% endif %}
 
       # If TLS is failing, prevent access to anything except certbot
-      {% if TLS_ERROR %}
+      {% if TLS_ERROR and not TLS_FLAVOR == "mail" %}
       location / {
         return 403;
       }