Le 06/07/2017 à 15:59, Viktor Dukhovni a écrit :
The reason ADH is used, is that the client is not bothering to authenticate the server, and so does not bother to ask for a certificate it will anyhow ignore. If you want secure transport, you need to set the client TLS security level to "secure", "fingerprint", "dane" or "dane-only".http://www.postfix.org/TLS_README.html#client_tls_secure http://www.postfix.org/TLS_README.html#client_tls_fprint http://www.postfix.org/TLS_README.html#client_tls_dane
dane-only in client config is what I needed, thanks :) -- Bastien Durel
