SMBv1 workarounds and FTP are just plain insecure. Stunnel is just a bandaid for a deeper underlying security issue (especially for SMTP). I'm an IT sysadmin by trade, and i would tell people to only use these types of workarounds or less secure protocols if you are comfortable with letting anyone see what you are putting through your MFP. Except for SMBv1, i would never enable that, ever.
Sure with proper firewalling and tunnelling you can avoid that, and maybe a good IT staff can maintain it. But as a copier tech, you aren't IT staff. IMO, that's risk not worth taking on. People like to think of copiers like any old appliance, but they are computers. A vulnerable computer is a risk to the whole network.
So I'm with your boss on this one, but i'd probably try to offer some kind of less painful upgrade plan just to attempt to keep the business. But from a IT perspective, i have lost many customers over things like this, and i just move on. I refuse to potentially have a court case against me for running an insecure system just to try to save a buck. Simply not worth it.
Bookmarks