On Sun, Sep 08, 2024 at 19:39:43 +0200, hostmaster--- via Postfix-users wrote:
> Interesting approach if i correctly understood what you do: You are running
> STARTTLS, basically accepting unencrypted connections but with
> "warn_if_reject reject_plaintext_session" you are rejecting unencrypted
> s
Interesting approach if i correctly understood what you do: You are running
STARTTLS, basically accepting unencrypted connections but with
"warn_if_reject reject_plaintext_session" you are rejecting unencrypted
sessions once data transfer is about to start? Which is expected to generate
the same ou
On Mon, Sep 09, 2024 at 00:17:08 +1000, Viktor Dukhovni via Postfix-users wrote:
> And of course, I'd negligent to not mention that I don't recommend a hard
> requirement of TLS on port 25, you may one day reject some important mail
> and not even know it, and if STARTTLS stops working, you may be
On Sun, Sep 08, 2024 at 01:36:39AM +0200, hostmaster--- via Postfix-users
wrote:
>>
>> smtp inet n - - - - smtpd
>> -o smtpd_tls_security_level=encrypt
>I thought you were using postscreen?
The postscreen post came from the LinuxMail.cc guy "hijacking" my
On Sun, Sep 08, 2024 at 01:36:39AM +0200, hostmaster--- via Postfix-users wrote:
>
> smtp inet n - - - - smtpd
> -o smtpd_tls_security_level=encrypt
I thought you were using postscreen? This is smtpd(8) listening
directly on port 25. For use postscreen, yo
