On Fri, 22 Dec 2017 09:52:13 +
Dominic Raferd wrote:
> On 22 December 2017 at 09:38, li...@lazygranch.com
> wrote:
>
> > ...
> > From main.cf (sanitized):
> >
> > # TLS
> > smtpd_use_tls = yes
> >
> > smtpd_tls_security_level = may
> > smtpd_tls_auth_only = yes
> > smtpd_tls_key_file = /etc/letsencrypt/live/mydomain.com/privkey.pem
> > smtpd_tls_cert_file
> > = /etc/letsencrypt/live/mydomain.com/fullchain.pem
> > smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes
> > #next line experimental
> >
> > smtpd_tls_ask_ccert = yes
> > smtpd_tls_session_cache_timeout = 3600s
> > tls_random_source = dev:/dev/urandom
>
>
> BTW, smtpd_use_tls = yes is deprecated for Postfix 2.3+:
>
> smtpd_tls_security_level = may achieves the same thing.
Thanks. I just commented out the line and everything works the same.
I have
compatibility_level = 2
in the main.cf.