Loading ...
Sorry, an error occurred while loading the content.

293823Re: STARTTLS not announced?!

Expand Messages
  • Benny Pedersen
    Jun 14, 2013
    • 0 Attachment
      Nabil Alsharif skrev den 2013-06-15 02:59:

      >>> smtp_tls_note_starttls_offer = yes
      >>> smtp_use_tls = yes
      >>
      >> smtp_ is for sending
      > Ok so these two options are telling Postfix to check if STARTTLS is
      > offered by the peer and use TLS if available, right?

      correct

      >>> smtpd_banner = $myhostname ESMTP
      >>> smtpd_recipient_restrictions = permit_mynetworks
      >>> reject_unauth_destination
      >>> smtpd_tls_CAfile = /etc/pki/dovecot/certs/dovecot.pem
      >>> smtpd_tls_auth_only = yes
      >>
      >> this disable starttls since we already is using ssl/tls now
      > huh? This part I don't quite understand. How are we disabling TLS?
      > Where was it enabled before? when we said smtp_use_tls = yes?

      it does not disable tls/ssl, but it removes starttls in plain
      connection without tls/ssl

      smtpd vs smtp confusion ?

      with that setting all smtpd_ clients must use tls or ssl

      >>> smtpd_tls_cert_file = /etc/pki/dovecot/certs/dovecot.pem
      >>> smtpd_tls_key_file = /etc/pki/dovecot/private/dovecot.pem
      >>> smtpd_tls_loglevel = 1
      >>> smtpd_tls_security_level = encrypt
      >>> smtpd_use_tls = yes

      note here its recieving part of postfix not sending

      --
      senders that put my email into body content will deliver it to my own
      trashcan, so if you like to get reply, dont do it
    • Show all 20 messages in this topic