I'm trying to enable TLS client fingerprint checking on Postfix - that is, I
want Postfix, acting as a server, to check the fingerprint of clients trying
to connect against a table of cert fingerprints.

From the Postfix logfile, TLS is working, client certs are being requested,
but I can't get Postfix to do the fingerprint check.

In a nutshell, Postfix doesn't seem to pay any attention at all to the
following line in main.cf:


smtpd_client_restrictions=permit_tls_clientcerts,warn_if_reject,reject

I can put gibberish in the right side of the above main.cf parameter and
Postfix doesn't seem to pay any attention.

"postconf -n" shows that the parameter was correctly read from main.cf.
master.cf does not override this value.

This is on an Ubuntu 9.10 system, running Postfix v 2.6.5.
The frustrating thing is, I can get this to work on other Ubuntu systems
running the same version of Postfix, so obviously I'm doing something wrong.

Anyone know of a reason Postfix would ignore "smtpd_client_restrictions"?

As this is the first time I've ever tried to post a Postfix question, please
don't hesitate to let me know if there's a better way to post such a newb
question ...


Dave
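
Added example (not part of the original post and not Postfix code): a small checker for restriction lists like the one quoted above. It relies on the documented Postfix behaviour that `warn_if_reject` changes the next restriction so it logs a `reject_warning` instead of rejecting. The function names are hypothetical, and the tokenizer is a simplification that only recognises `type:name` or path arguments.

```python
import re

# Documented Postfix behaviour: warn_if_reject changes the meaning of the
# NEXT restriction so that it logs "reject_warning" instead of rejecting.
MODIFIER = "warn_if_reject"

def parse_restrictions(value):
    """Split a main.cf restriction list on commas and/or whitespace."""
    return [t for t in re.split(r"[,\s]+", value.strip()) if t]

def effective_restrictions(value):
    """Return (restriction, enforced) pairs. enforced is False when a
    preceding warn_if_reject downgrades the rejection to a log warning."""
    result = []
    soften = False
    for token in parse_restrictions(value):
        if token == MODIFIER:
            soften = True
            continue
        # Assumption: tokens such as hash:/path or /path are arguments of
        # the preceding restriction, not restrictions themselves.
        if result and (":" in token or token.startswith("/")):
            name, enforced = result[-1]
            result[-1] = (name + " " + token, enforced)
            continue
        result.append((token, not soften))
        soften = False  # the modifier applies to one restriction only
    return result

def final_reject_enforced(value):
    """True only if the list ends in a 'reject' that actually rejects."""
    eff = effective_restrictions(value)
    return bool(eff) and eff[-1] == ("reject", True)

if __name__ == "__main__":
    posted = "permit_tls_clientcerts,warn_if_reject,reject"  # value from the post
    for name, enforced in effective_restrictions(posted):
        print(f"{name:28} {'enforced' if enforced else 'warning only'}")
    print("final reject enforced:", final_reject_enforced(posted))
```

Run against the value from the post, the final `reject` is reported as warning only, so clients that do not match `permit_tls_clientcerts` would be logged with `reject_warning` rather than refused.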
