On Thu, Jul 11, 2013 at 03:54:37PM +0000, Viktor Dukhovni wrote:
> Therefore, disable SSLv2 in the Postfix client, and you'll almost
> never see this issue. (You could run into it if a server decided
> to renew a ticket, but this is rather unlikely, almost certainly
> no SMTP servers have code for this).
> This assumes your Postfix client version is at least 2.6. If not,
SSLv2 is disabled by default with Postfix 2.7, but you can override
the default in 2.6 to achieve the same effect. With 2.5 and earlier
there is no protocol filter for opportunistic TLS.