Jordi Espasa Clofent:
> Hi all,
>
> I've configured a TLS/SSL smtpd in a box as follows:
>
> # postconf -n | grep -i tls
> smtpd_tls_cert_file = /usr/local/home/example.com.crt
> smtpd_tls_key_file = /usr/local/home/example.com.key
> smtpd_tls_loglevel = 2
> smtpd_tls_received_header = yes
> smtpd_tls_session_cache_database = btree:/usr/local/etc/postfix/smtpd_cache
> smtpd_tls_session_cache_timeout = 3600s
> smtpd_use_tls = yes
> tls_random_source = dev:/dev/urandom
>
> The cert is a wildcard certificate for *.example.com.
>
> When the MUA (tested in Microsoft Outlook and Mozilla Thunderbird) tries
> to send email using this box, it shows a warning about the cert. It
> happens when it tries to connect using STARTTLS (port 25) and also TLS/SSL
> (port 465).
>
> Why?
>
> The box is named mai.example.com, so I understand a wildcard certificate
> (*.example.com) should be enough.

The "*" matches ONE level only.

Wietse
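
The one-level rule from the reply, as an added example that is not part of the original thread: a left-most-label wildcard matcher in the style of RFC 6125, run against the server name a mail client might be configured with. The function names and the sample hostnames other than `mai.example.com` are constructed for illustration, and real TLS libraries apply additional checks.

```python
# Added example: one-label wildcard matching for certificate names.
# SAMPLES are constructed hostnames, not values from a real deployment.

def wildcard_matches(pattern: str, hostname: str) -> bool:
    """Return True if the certificate name `pattern` covers `hostname`.

    Only a lone "*" as the complete left-most label is a wildcard, and it
    stands for exactly one DNS label.
    """
    p_labels = pattern.lower().rstrip(".").split(".")
    h_labels = hostname.lower().rstrip(".").split(".")

    # A wildcard never spans a dot, so both names need the same label count.
    if len(p_labels) != len(h_labels):
        return False
    # Reject malformed hostnames with empty labels ("a..example.com").
    if any(not label for label in h_labels):
        return False

    if p_labels[0] == "*":
        rest = p_labels[1:]
        # Assumption of this example: refuse wildcards directly under a
        # top-level label ("*.com"), as most clients do.
        if len(rest) < 2 or any("*" in label for label in rest):
            return False
        return rest == h_labels[1:]

    # No usable wildcard: a "*" anywhere else is not honoured.
    return "*" not in pattern and p_labels == h_labels


def check_names(pattern, hostnames):
    """Map each hostname to whether `pattern` covers it."""
    return {name: wildcard_matches(pattern, name) for name in hostnames}


SAMPLES = [
    "mai.example.com",        # one label under example.com
    "smtp.mai.example.com",   # two labels under example.com
    "example.com",            # the bare domain itself
    "mai.example.org",        # different parent domain
]

if __name__ == "__main__":
    for name, ok in check_names("*.example.com", SAMPLES).items():
        print(f"{name:24} {'match' if ok else 'MISMATCH -> client warning'}")
```

The name that gets compared is the server name entered in the MUA's account settings, so that value is the one to check against the certificate.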