Zitat von "Mike A. Leonetti" <mikealeone...@gmail.com>:
I set up postfix with:smtp_tls_policy_maps = hash:/etc/postfix/tls_policyAnd a list of domains with "may" as the policy for each of them. The problem is postfix hates the certificate (because I don't have it listed as a trusted issuer anywhere). So I get this error as expected:Jan 8 01:57:46 Ricochet postfix/smtp[24852]: certificate verification failed for gmail-smtp-in.l.google.com[74.125.91.27]:25: untrusted issuer /C=US/O=Equifax/OU=Equifax Secure Certificate AuthorityIs there a way to have postfix not care about the issuer and just continue? I am aware that there can be security risks, but they exist anyway if postfix fails back to plaintext.
Huh?Postfix does continue anyway if you do not explicitely configure it to not do so with a TLS security level higher than "may". The log shows the above as a warning.
Regards Andreas
smime.p7s
Description: S/MIME Cryptographic Signature
