From: Victor Duchovni (Victor.Duchovnimorganstanley.com)
Date: Thu Dec 11 2008 - 12:42:10 CST

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Dec 11, 2008 at 01:28:02PM -0500, Dennis Putnam wrote:

> Now that I have TLS working in both directions I thought it would be
> interesting to see if I can get enforced TLS to work also. It seems
> that the 3rd party postfix extension to version 2.1.5 supposedly
> supports that possibility, contrary to my previous understanding.

It does not support it very well, if you want actual enforcement, I would
suggest the official release, at which point you may as well use 2.5.5.

> I seem to have a semblance of that working except internal mail is
> getting deferred because 'starttls' is not offered. I added my domain
> to the hash with "NONE" but that doesn't seem to help. I wonder if I
> need to add 127.0.0.1 instead, or is there something else wrong that
> won't exclude local mail?

Don't bother with enforced TLS in 2.1.

--
        Viktor.

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.

To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
<mailto:majordomopostfix.org?body=unsubscribe%20postfix-users>

If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]