Well you can always spin up separate STMP server whit lower security. By this i mean just postfix just beside your printer, not directly facing internet (behind WAN), 20 EUR Raspberry Pi Zero will do just fine. This way you will not facing lower security server directly to internet and from there RPi will use authenticated relay to your proper mail as Mailcow.
Or, I do not recommending this, because you can break future MC update,.. modify your master.conf and start another SMTP service on separate port whit lower security set up to only listen from your printer, possibly using VPN like WireGuard to bypass your ISP if you do not have static IP.
And for ciphers suit there are other directives that you can tweak for postfix like smtpd_tls_ciphers, smtpd_tls_mandatory_ciphers, smtpd_tls_protocols, smtpd_tls_exclude_ciphers, smtpd_tls_ciphers, please refer to 
And at last, be aware: Postfix relies on the system’s OpenSSL library for handling TLS/SSL connections. Therefore, the settings in openssl.conf can indirectly influence Postfix’s behavior, so you need to validate your Cipher suits look for CipherString also related MinProtocol, MaxProtocol, Options