On Mon, Sep 14, 2009 at 09:11:43PM -0400, sean darcy wrote:
> This is way simpler than any of the howto's for gmail relay access. Or the
> TLS_README.
>
> It's weird how everyone make this so complicated.
Which part of TLS_README led you astray? In the section on client certificates:
http://www.postfix.org/TLS_README.html#client_cert_key
the first paragraph, reads:
Do not configure Postfix SMTP client certificates unless you must present
client TLS certificates to one or more servers. Client certificates are
not usually needed, and can cause problems in configurations that work
well without them. The recommended setting is to let the defaults stand:
smtp_tls_cert_file =
smtp_tls_dcert_file =
smtp_tls_key_file =
smtp_tls_dkey_file =
# Postfix >= 2.6
smtp_tls_eccert_file =
smtp_tls_eckey_file =
The best way to use the default settings is to comment out the above
parameters in main.cf if present.
I thought this would serve the intended goal of helping people to avoid
unnecessary SMTP client certificates.
--
Viktor.
Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.
To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
<mailto:majord...@postfix.org?body=unsubscribe%20postfix-users>
If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.
