I think this is not done on binding level but on java level.
Search for the java.security file. Should be in conf/security/java.security in the java root install directory.
First create a copy of this file.
Then check for the entry jdk.tls.disabledAlgorithms.
I am on OH3 and the entry starts with:
jdk.tls.disabledAlgorithms=SSLv3, TLSv1, TLSv1.1
followed by other entries. As you can see TLSv1.2 is not in the list of disabled TLS versions.
After this is restart of the OH service ( not a complete reboot ) is required.
What I do not understand. The provider told me, OH sends mail without any TLS encryption. According to my config of the thing it should send it with TLS 1.0 or other one? But without any excryption is strange.
Sure that it OH that is sending mail without encryption ?
Could it be that an other client is sending unencrypted mail ?
As long as the stuff is unencrypted you can use a network sniffer like wireshark, tshark, tcpdump, may be even your router in case it supports it like the FritzBox does, to capture the network traffic
Based on the content you then can identify which client sent the mail.