Re: TLS: Migrate from *encrypt* to *verify* for specific domain

[Viktor Dukhovni]

> On Sep 25, 2018, at 11:58 AM, Wietse Venema <wie...@porcupine.org> wrote:
> 
>> As for "soft failure" with "verify"
>> (or "secure"), that's not presently supported in Postfix.
> 
> What about using smtp_delivery_status_filter?

By "soft failure", I meant the OP's request to deliver anyway and
just log a warning.  We already tempfail on authentication errors.

What we don't have is "try-tls" setting, that is insecure, but
tamper-evident.

-- 
        Viktor.



-- 
        Viktor.