On Sun, Aug 15, 2021 at 09:37:17AM +1000, raf <post...@raf.org> wrote:
> I recommend using a CA-approved certificate like > LetsEncrypt just because Postfix will use the same > certificate for submissions on port 587, and mail > clients (like Thunderbird) might complain if a > self-signed certificate is used in that context. Actually, that might be wrong. Maybe Thunderbird only complains about self-signed certificates for getting mail (IMAPS/POPS), rather than for sending mail (SMTP/STARTTLS). I don't know. If so, it might only affect e.g. Dovecot's choice of certificate rather than Postfix's. But chances are, if you use both, you'll probably want them to use the same certificate. cheers, raf
