Hello, The postfix SMTP client can offload TLS to the tlsproxy by setting "smtp_tls_connection_reuse = yes" But in this mode, some logging occur always twice:
Nov 15 22:04:29 mta postfix/tlsproxy[27148]: Trusted TLS connection established to nexthop.example[2001:db8::25]:587: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384 client-signature ECDSA (secp384r1) client-digest SHA384 Nov 15 22:04:29 mta postfix/smtp[27145]: Trusted TLS connection established to nexthop.example[2001:db8::25]:587: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384 client-signature ECDSA (secp384r1) client-digest SHA384 Nov 13 09:10:47 mta2 postfix/tlsproxy[7724]: Trusted TLS connection established to mx.example[192.0.2.25]:25: TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange x25519_kyber768 server-signature RSA-PSS (2048 bits) server-digest SHA256 Nov 13 09:10:47 mta2 postfix/smtp[7723]: Trusted TLS connection established to mx.example[192.0.2.25]:25: TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange x25519_kyber768 server-signature RSA-PSS (2048 bits) server-digest SHA256 This is a regular pattern in my logs I observe already for a long time. It's not new, it doesn't hurt but it feels unnecessary. It this an expected behavior or are there reasons to log the information twice? Andreas _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
