I set up postfix with: > smtp_tls_policy_maps = hash:/etc/postfix/tls_policy And a list of domains with "may" as the policy for each of them. The problem is postfix hates the certificate (because I don't have it listed as a trusted issuer anywhere).
So I get this error as expected: > Jan 8 01:57:46 Ricochet postfix/smtp[24852]: certificate verification > failed for gmail-smtp-in.l.google.com[74.125.91.27]:25: untrusted > issuer /C=US/O=Equifax/OU=Equifax Secure Certificate Authority Is there a way to have postfix not care about the issuer and just continue? I am aware that there can be security risks, but they exist anyway if postfix fails back to plaintext. Thanks. -- Mike A. Leonetti As warm as green tea