Thanks to everyone who responded!
Ultimately it was this: I forgot the fact that indeed, the certificate
used for 465 is for the FQDN and not for the IPv6 of node A.
I forced a source address to force IPv6 to be used and changed the
relay to the FQDN that matches the certificate and now it works.
A more explicit error message would be a nice-to-have in that situation.
Jarod
On 15/10/2023 15:25, Thomas Bohl wrote:
Hello,
I have two smtpd nodes, I'll call them A and B.
Node A is exposed to the internet, Node B is not and is relaying
everything to node A.
The action line on node B looks like this:
action "send" relay host smtps://[some kind of ipv6] srs
On Node A, I have a match for that "some kind of ipv6" that does a
relay for everything that comes from node B.
match from src [some kind of ipv6] action "send"
action "send" relay srs
It always helps if you show the whole configuration.
Do you have a certificate for A-[some kind of ipv6]? Since it is an IP
and not a domain I assume it is self-signed? Does B know about your CA?
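
The mismatch resolved in this thread, as an added example that is not part of the original messages and is not OpenSMTPD code: a relay URL that names an IPv6 literal is checked against the certificate's IP-address entries, never its DNS names. It assumes the usual RFC 6125-style matching rule; the host name and addresses are constructed placeholders.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed sample: subjectAltName entries of node A's certificate (DNS name only).
CERT_DNS = ["mail.example.org"]


def reference_identity(relay_url):
    """Return ('ip', address) or ('dns', name) for the host part of a relay URL."""
    host = urlsplit(relay_url).hostname  # strips the [] around IPv6 literals
    try:
        return "ip", ipaddress.ip_address(host)
    except ValueError:
        return "dns", host.rstrip(".").lower()


def dns_matches(pattern, name):
    """Compare one dNSName entry with a host name; '*' covers one left-most label."""
    pattern = pattern.rstrip(".").lower()
    if pattern.startswith("*."):
        head, _, rest = name.partition(".")
        return bool(head) and rest == pattern[2:]
    return pattern == name


def cert_matches(relay_url, san_dns=(), san_ip=()):
    """True if the certificate's SAN entries cover the host named in relay_url."""
    kind, ident = reference_identity(relay_url)
    if kind == "ip":
        # An IP literal is only compared with iPAddress entries, never with DNS names.
        return any(ipaddress.ip_address(a) == ident for a in san_ip)
    return any(dns_matches(p, ident) for p in san_dns)


if __name__ == "__main__":
    for url in ("smtps://[2001:db8::25]", "smtps://mail.example.org"):
        print(url, "->", "ok" if cert_matches(url, CERT_DNS) else "name mismatch")
```
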