* Lars Kollstedt: > is there a clean way to optionally present a client certificate to a > Postfix MX [...]
I hope I don't misinterpret your question here. When acting as an SMTP client, Postfix should present the certificate you have defined via smtp_tls_cert_file if the receiving Postfix (the SMTP server) uses smtpd_tls_ask_ccert=yes. That matches your example settings. However, I don't see you using relay_clientcerts=/path/to/clientcerts anywhere. That would be required on the SMTP server side to actually look up certificate fingerprints. -Ralph