John Doe:
> Hi Wietse and Viktor,
>
> Replying in one email ...
>
> I'm attaching what You have required from me. and one more fail proof, with
> tlsproxy setting enabled in main.cf (lat time i have forgotten to enable
> them back- sorry)
>
> *I believe issue was fixed,* but it's a bit confusing now,* to show this I
> have ran postconf -x *not postconf -xh and -d to see what's default in 3.8.5
>
> [root@problematicsrv]# postconf-internal -x tlsproxy_client_security_level
> tlsproxy_client_security_level =
The output is empty because...
> [root@problematicsrv]# postconf-internal -d tlsproxy_client_security_level
> tlsproxy_client_security_level =
...the default for tlsproxy_client_security_level value is empty.
On my systems:
Output from postconf -d tlsproxy_client_security_level:
Postfix 3.10: tlsproxy_client_security_level =
${tlsproxy_client_level:$smtp_tls_security_level}
Postfix 3.9: tlsproxy_client_security_level =
${tlsproxy_client_level:$smtp_tls_security_level}
Postfix 3.8: tlsproxy_client_security_level =
${tlsproxy_client_level:$smtp_tls_security_level}
Postfix 3.7: tlsproxy_client_security_level =
${tlsproxy_client_level:$smtp_tls_security_level}
Output from postconf -d tlsproxy_client_level:
Postfix 3.6: tlsproxy_client_level = $smtp_tls_security_level
Postfix 3.5: tlsproxy_client_level = $smtp_tls_security_level
You mention that Postfix is built locally from source code. Perhaps
there is a problem with the way that Postfix is built, or with the
way that Postfix is deployed. Postfix has no 'postconf-internal'
etc. command.
Perhaps you can use postmulti to manage your external and internal
Postfix instances.
I'm adding a check to the tlsproxy daemon for TLS parameter values
that don't enable TLS as expected.
Wietse
_______________________________________________
Postfix-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
