postfix/postfix-ssl-release-buffers.patch

--- src/tls/tls_client.c.orig	2019-03-11 14:24:34.492448719 +0100
+++ src/tls/tls_client.c	2019-03-11 14:27:42.824448001 +0100
@@ -397,6 +397,11 @@
     SSL_CTX_set_security_level(client_ctx, 0);
 #endif
 
+#ifdef SSL_MODE_RELEASE_BUFFERS
+    /* Keep memory usage as low as possible */
+    SSL_CTX_set_mode(client_ctx, SSL_MODE_RELEASE_BUFFERS);
+#endif
+
     /*
      * See the verify callback in tls_verify.c
      */
--- src/tls/tls_server.c.orig	2019-03-11 14:26:04.700448375 +0100
+++ src/tls/tls_server.c	2019-03-11 14:27:49.184447977 +0100
@@ -455,6 +455,10 @@
     SSL_CTX_set_security_level(sni_ctx, 0);
 #endif
 
+#ifdef SSL_MODE_RELEASE_BUFFERS
+    /* Keep memory usage as low as possible */
+    SSL_CTX_set_mode(server_ctx, SSL_MODE_RELEASE_BUFFERS);
+#endif
     /*
      * See the verify callback in tls_verify.c
      */