293827Re: STARTTLS not announced?!
- Jun 14, 2013On Sat, Jun 15, 2013 at 03:45:02AM +0200, Benny Pedersen wrote:
> Nabil Alsharif skrev den 2013-06-15 02:59:smtp_tls_note_starttls_offer means to note (i.e., log) when a remote
> >>> smtp_tls_note_starttls_offer = yes
> >>> smtp_use_tls = yes
> >>smtp_ is for sending
> >Ok so these two options are telling Postfix to check if STARTTLS
> >is offered by the peer and use TLS if available, right?
server offers STARTTLS. "smtp_use_tls=yes" is the same as (replaced
by) "smtp_tls_security_level=may". All of these are covered in the
TLS_README.html (except for the deprecated settings, of course.)
And none of this is relevant to the $SUBJECT at hand.
> >>> smtpd_banner = $myhostname ESMTPWrong, Benny. See postconf.5.html#smtpd_tls_auth_only and the
> >>> smtpd_recipient_restrictions = permit_mynetworks
> >>> smtpd_tls_CAfile = /etc/pki/dovecot/certs/dovecot.pem
> >>> smtpd_tls_auth_only = yes
> >>this disable starttls since we already is using ssl/tls now
correction posted by Jan, with which you tried to argue.
> >huh? This part I don't quite understand. How are weWe're not. That was wrong.
> >disabling TLS?
> >Where was it enabled before? when we said smtp_use_tls = yes?That deprecated setting is not relevant.
> it does not disable tls/ssl, but it removes starttls in plainAlso wrong.
> connection without tls/ssl
> smtpd vs smtp confusion ?With smtpd_tls_security_level=encrypt, yes; not with
> with that setting all smtpd_ clients must use tls or ssl
smtpd_tls_auth_only=yes. Wrong and misleading posts will not help.
I think the OP will have to fix the logging problem before we can
solve this issue.
http://rob0.nodns4.us/ -- system administration and consulting
Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
- << Previous post in topic Next post in topic >>