Howdy, Upgrading Apple server to Apple's postfix 2.11.0 and seeing this in the logs:
Mar 20 12:12:53 miniserv postfix/smtpd[43174]: warning: TLS library problem: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol:/BuildRoot/Library/Caches/com.apple.xbs/Sources/OpenSSL098/OpenSSL098-59/src/ssl/s23_srvr.c:602: TLS seems to work otherwise. Thoughts? Thanks. $ postconf -n biff = no command_directory = /Applications/Server.app/Contents/ServerRoot/usr/sbin config_directory = /Library/Server/Mail/Config/postfix content_filter = smtp-amavis:[127.0.0.1]:10024 daemon_directory = /Applications/Server.app/Contents/ServerRoot/usr/libexec/postfix data_directory = /Library/Server/Mail/Data/mta debug_peer_level = 2 debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5 dovecot_destination_recipient_limit = 1 header_checks = pcre:/Library/Server/Mail/Config/postfix/custom_header_checks html_directory = /Applications/Server.app/Contents/ServerRoot/usr/share/doc/postfix/html inet_interfaces = all inet_protocols = all mail_owner = _postfix mailbox_size_limit = 0 mailbox_transport = dovecot mailq_path = /Applications/Server.app/Contents/ServerRoot/usr/bin/mailq manpage_directory = /Applications/Server.app/Contents/ServerRoot/usr/share/man message_size_limit = 20485760 mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain mydomain = pointyears.net myhostname = miniserv.pointyears.net mynetworks = 127.0.0.0/8, [::1]/128 , 192.168.1.024 newaliases_path = /Applications/Server.app/Contents/ServerRoot/usr/bin/newaliases queue_directory = /Library/Server/Mail/Data/spool readme_directory = /Applications/Server.app/Contents/ServerRoot/usr/share/doc/postfix recipient_delimiter = - relayhost = smtp.comcast.net sample_directory = /Applications/Server.app/Contents/ServerRoot/usr/share/doc/postfix/examples sendmail_path = /Applications/Server.app/Contents/ServerRoot/usr/sbin/sendmail setgid_group = _postdrop smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/Library/Server/Mail/Config/postfix/sasl/passwd smtp_tls_CAfile = /etc/certificates/miniserv.pointyears.net.B7E7A056237425F3ECE71E44A5CB862B07003F3D.chain.pem smtp_tls_cert_file = /etc/certificates/miniserv.pointyears.net.B7E7A056237425F3ECE71E44A5CB862B07003F3D.cert.pem smtp_tls_key_file = /etc/certificates/miniserv.pointyears.net.B7E7A056237425F3ECE71E44A5CB862B07003F3D.key.pem smtp_tls_loglevel = 1 smtp_tls_mandatory_protocols = !SSLv2, !SSLv3 smtp_tls_protocols = !SSLv2, !SSLv3 smtp_tls_security_level = may smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) smtpd_client_restrictions = permit_mynetworks permit_sasl_authenticated permit smtpd_enforce_tls = no smtpd_helo_required = yes smtpd_helo_restrictions = reject_non_fqdn_helo_hostname reject_invalid_helo_hostname smtpd_recipient_restrictions = permit_sasl_authenticated smtpd_sasl_auth_enable = yes smtpd_tls_CAfile = /etc/certificates/miniserv.pointyears.net.B7E7A056237425F3ECE71E44A5CB862B07003F3D.chain.pem smtpd_tls_cert_file = /etc/certificates/miniserv.pointyears.net.B7E7A056237425F3ECE71E44A5CB862B07003F3D.cert.pem smtpd_tls_ciphers = medium smtpd_tls_exclude_ciphers = SSLv2, aNULL, ADH, eNULL, EXPORT smtpd_tls_key_file = /etc/certificates/miniserv.pointyears.net.B7E7A056237425F3ECE71E44A5CB862B07003F3D.key.pem smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3 smtpd_tls_protocols = !SSLv2, !SSLv3 smtpd_use_tls = yes soft_bounce = no tls_random_source = dev:/dev/urandom virtual_alias_domains = $virtual_alias_maps hash:/Library/Server/Mail/Config/postfix/virtual_domains virtual_alias_maps = $virtual_maps hash:/Library/Server/Mail/Config/postfix/virtual_users
