> I can verify the connection using "openssl" as noted by Johannes K and > everything verifies OK with no errors. I am not sure what to think now.
I managed to do a little testing on this. This message is not important if you're not checking client certificates. In my opinion it should only log if the tls verify option is set. It checks if the other MTA / MUA sent a client certificate and if it's valid. For this I've created a ca, signed a client certificate and included the ca in the ca cert option in smtpd. Then connecting with my generated client certificate the following messages are shown: 51c8762b8b73eeb0 smtp connected address=... host=... 51c8762b8b73eeb0 smtp tls ciphers=TLSv1.3:AEAD-AES256-GCM-SHA384:256 51c8762b8b73eeb0 smtp cert-check result="verified" fingerprint="SHA256:fe13baf0c9604a31b0b02ab768ca051ed6994e91c292d4de545f2a8cfb470ec2" 51c8762b8b73eeb0 smtp message msgid=d2cd8a2b size=811 nrcpt=1 proto=ESMTP 51c8762b8b73eeb0 smtp envelope evpid=d2cd8a2b6deec7a1 from=<li...@mailbox.org> to=<li...@example.org> 51c8762c08e7e4e4 mda delivery evpid=d2cd8a2b6deec7a1 from=<li...@mailbox.org> to=<li...@example.org> rcpt=<li...@example.org> user=vmail delay=1s result=Ok stat=Delivered51c8762b8b73eeb0 smtp disconnected reason=quit
