This is not a tlspol question.
> sending to gmail shows up as verified connections but
With Postfix, 'verified' means that the certificate matched, either
by name or by fingerprint (from certificate or public key).
> recieving from gmail shows up as trusted connections
With Postfix, 'trusted' means that the chain of trust is valid,
from the root all the way to the server certificate.
Postfix by default does not 'verify' client certificates. The TLS
stack does not know what certificate name or fingerprint to expect
***DURING THE TLS HANDSSHAKE***.
Wietse
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
