On Fri, 2 Jun 2023, Tim Woodall wrote:
On Fri, 2 Jun 2023, Jeffrey Walton wrote:
On Fri, Jun 2, 2023 at 2:20?PM Tim Woodall <debianu...@woodall.me.uk>
wrote:
Anyone come across delivery failures where the client cert is signed by
an internal ca.
Are you sure it's not a self-signed end-entity certificate used in an
Opportunistic Encryption scheme?
https://en.wikipedia.org/wiki/Opportunistic_encryption#E-mail
It's my mailserver, CA is mine. I should have said server cert, sorry.
Their server is refusing to deliver to me.
I can change this to use letsencrypt, although that's going to be a
pain. For now my server will not offer STARTTLS to them at all. If I get
another email will be interesting to see if it works.
That worked. Dont offer starttls, ok. Offer but unknown ca, dont send.