diff -ru /usr/ports/mail/qmail/Makefile qmail/Makefile
--- /usr/ports/mail/qmail/Makefile	2019-01-31 11:59:22.000000000 +0100
+++ qmail/Makefile	2019-02-10 23:27:39.793432000 +0100
@@ -3,7 +3,7 @@
 
 PORTNAME=	${QMAIL_PORTNAME}
 PORTVERSION?=	${QMAIL_VERSION}
-PORTREVISION?=	3
+PORTREVISION?=	4
 CATEGORIES=	mail
 MASTER_SITES+=	QMAIL
 DISTNAME=	${PORTNAME}-${QMAIL_VERSION}
@@ -134,8 +134,6 @@
 
 PATCH_DIST_STRIP+=	-p1
 
-.include <bsd.port.options.mk>
-
 .if !defined(BARRIER_DNS_PATCH)
 # Patch necessary to cope with non-RFC >512 dns entries
 # Since AOL has been using those, the problem has skyrocketed from minor to
@@ -170,9 +168,6 @@
 PATCH_SITES+=	http://inoa.net/qmail-tls/:tls
 TLS_PATCH_NAME=	${QMAIL_PORTNAME}-${QMAIL_VERSION}-tls-${TLS_PATCH_DATE}.patch
 PATCHFILES+=	${TLS_PATCH_NAME}:tls
-.if ${OPSYS} == FreeBSD && ${OSVERSION} >= 1200000
-EXTRA_PATCHES+=	${FILESDIR}/netqmail-1.06-tls-20160918-freebsd-12.patch
-.endif
 .endif
 
 PATCH_SITES+=	LOCAL/bdrewery/qmail/:dns,sendmail_flagf,rfc2821,ldap,mysql,tls,quota,blockexec,doublebounce,spf,spf_tls,localtime,qmtpc_outgoingip
@@ -387,6 +382,12 @@
 NO_MTREE=	yes
 NO_PREFIX_RMDIR=yes
 
+.include <bsd.port.options.mk>
+
+.if defined(SLAVE_TLS) && ${OPSYS} == FreeBSD && ${OSVERSION} >= 1200000
+EXTRA_PATCHES+=	${FILESDIR}/netqmail-1.06-tls-20160918-freebsd-12.patch
+.endif
+
 .if ${ARCH} == "amd64" && !defined(SLAVE_LDAP) \
     && !defined(SLAVE_SPAMCONTROL)
 EXTRA_PATCHES+=			${FILESDIR}/extra-patch-amd64