would it be as easy to just add the following to main.cf to use the
reommended setting?
smtpd_tls_chain_files =
/etc/dehydrated/certs/mail-beckspaced-com-rsa/privkey.pem
/etc/dehydrated/certs/mail-beckspaced-com-rsa/fullchain.pem
/etc/dehydrated/certs/mail-beckspaced-com-e
On Sun, Apr 10, 2022 at 10:44:05AM +0200, Admin Beckspaced wrote:
> Dehydrated has the option for different certificate types so I went with
> ECDSA and RSA
>
> https://github.com/dehydrated-io/dehydrated/blob/master/docs/domains_txt.md
>
> Added the following to main.cf
>
> # RSA default
> sm
Or switch my cert to RSA for better compatibility?
This is my recommendation.
On Sat, Apr 09, 2022 at 11:15:37AM +0200, Josef Vybíhal wrote:
smtpd_tls_cert_file = /etc/postfix/tls/rsa/_.acme.com.rsa.fullchain.pem
smtpd_tls_eccert_file = /etc/postfix/tls/ecc/_.acme.com.ecc.fullchain.pem
smtp
On 2022-04-09 at 02:52:54 UTC-0400 (Sat, 9 Apr 2022 08:52:54 +0200)
Admin Beckspaced
is rumored to have said:
Dear Postfix users,
a client told me they don't receive emails from a specific client.
A look in the mail server logs reveals the following:
Apr 8 09:53:07 cx20 postfix/smtpd[5402]:
On Sat, Apr 09, 2022 at 10:55:03AM +0200, Admin Beckspaced wrote:
> > That host has an ECDSA P384 certificate. This is liable to not be
> > supported by older systems. For maximum interoperability, RSA is safer,
> > or with ECDSA perhaps P256, though likely that too is not supported by
> > a pee
I believe I have encountered something similar about a year back. I
ended up doing this (becasue I wanted to have ecc in place):
smtpd_tls_cert_file = /etc/postfix/tls/rsa/_.acme.com.rsa.fullchain.pem
smtpd_tls_eccert_file = /etc/postfix/tls/ecc/_.acme.com.ecc.fullchain.pem
smtpd_tls_eckey_file =
Am 09.04.2022 um 10:06 schrieb Viktor Dukhovni:
On Sat, Apr 09, 2022 at 08:52:54AM +0200, Admin Beckspaced wrote:
Apr 8 09:53:07 cx20 postfix/smtpd[5402]: warning: TLS library problem:
error:1417A0C1:SSL routines:tls_post_process_client_hello:no shared
cipher:ssl/statem/statem_srvr.c:226
On Sat, Apr 09, 2022 at 08:52:54AM +0200, Admin Beckspaced wrote:
> Apr 8 09:53:07 cx20 postfix/smtpd[5402]: warning: TLS library problem:
> error:1417A0C1:SSL routines:tls_post_process_client_hello:no shared
> cipher:ssl/statem/statem_srvr.c:2260:
> smtpd_tls_cert_file =
> /etc/dehydrate
Dear Postfix users,
a client told me they don't receive emails from a specific client.
A look in the mail server logs reveals the following:
Apr 8 09:53:07 cx20 postfix/smtpd[5402]: connect from
mail.euronet-ag.de[195.14.239.4]
Apr 8 09:53:07 cx20 postfix/smtpd[5402]: SSL_accept error from