Hello Byung-Hee, I do have all of the following in my TLS policy: domain may mx.domain may [mx.domain]:25 may and it doesn´t work for me. Thanks, Joachim
-----Ursprüngliche Nachricht----- Von: owner-postfix-us...@postfix.org <> Im Auftrag von Byung-Hee HWANG Gesendet: Friday, 27 May 2022 11:01 An: postfix-users@postfix.org Betreff: Re: transport map with TLS policies? Hellow Joachim, "Joachim Lindenberg" <postfix-us...@lindenberg.one> writes: > I wanted to send a mail to a domain yesterday, that was using dead MX > records and one the one MX that was alive, was presenting an untrusted > certificate (my server uses verify by default). I added a transport > map (or “route” as mailcow-dockerized calls it) that points to the > alive MX plus a TLS policies for the domain and MX that asks for > “may”, but flushing the queue I still got “untrusted certificate”. I > temporarily changed my default to may and the mail was delivered. > > Are TLS policies applied at all after setting a domain specific transport? This are my example: gmail.com verify [yw-1204.doraji.xyz]:2525 encrypt yw-1204 is smtp server -- [FQDN], which is just relay server. gmail.com is domain, which have MX(s). > I cannot rule out that the problem is mailcow specific of course. > > Thanks, > > Joachim > Thanks, Sincerely, Linux fan Byung-Hee -- ^고맙습니다 _地平天成_ 감사합니다_^))//
