1/ We test with the domain name xxx.com instead of mail.xxx.com and it works, no any problem.
2/ We still want to use mail.xxx.com because this is the best option if we want to change later our mail server.
So we did your fix again, we issued again the mail server ssl for mail.xxx.com
We test, we connect to our email, and when trying to send an email we are blocked by the pop-ups. Still the same problem.
The checking of ssl checker :
We check after the Check tls because we find that weird ssl checker say everything is fine, and on our side we have still the problem :