On Thu, Oct 24, 2024 at 11:33:22 -0400, Wietse Venema via Postfix-users wrote: > And for the Postfix SMTP server, this would add two guards > to Viktor's example: > > smtpd_tls_security_level = > ${{$compatibility_level} >=level {3.10} ? > {${built_with_tls ? > {${smtpd_tls_chain_files ? {may} : > {${smtpd_tls_cert_file ? {may} : > {${smtpd_tls_eccert_file ? {may} : > {${smtpd_tls_dcert_file ? {may}}}}}}}}}}}} > > Configuration like this is ugly, and is acceptable only for > compiled-in default settings.
I would think that a postfix installer or packager that installs a default certificate, can also add an explicit "smtpd_tls_security_level = may" to the accompanying main.cf, so all these conditions are not really necessary for the server side? For the client side, with no dependencies beyond "built_with_tls", it's a good idea. Geert _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org