Hello Viktor,
Am 10.09.25 um 17:43 schrieb Viktor Dukhovni via Postfix-users:
That, despite apparently some clients caught off guard. This choice
feels too aggressive to me. But, if you're willing to go out on a limb,
perhaps you're also willing to deploy a Postfix development snapshot,
in which case you'll find in Postfix 3.11-<recent-enough-date>:
smtpd_reject_filter_maps (default: empty)
this sounds like a generic solution of the problem. I'm fine with that.
I'll start trying the 3.11 train on some future cold, dark winter weekends but
not yet in production :-)
My choice would be to not insisnt on TLS with unsuspecting clients that
are unable to comply.
I understand your point, but in our case it's more complex as I initially
mentioned.
Thanks,
Andreas
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
