On 12/04/2011 17:50, Noel Jones wrote:
On 4/12/2011 10:31 AM, Fabien COMBERNOUS wrote:
Thank you for your answer.
On 12/04/2011 17:06, Noel Jones wrote:
[...]
Port 465 is the deprecated "SSL wrapper mode" smtps. The
postfix smtp client doesn't support wrapper mode.
Use the submission port 587 instead, or if you must use 465
see http://www.postfix.org/TLS_README.html#client_smtps
I tested also 587 port. But i this case i get the following
message :
Apr 12 11:21:58 dns postfix/smtp[83627]: 484E193000:
to=<fcombern...@kezia.com>,
relay=smtp.gmail.com[209.85.227.109]:587, delay=0.69,
delays=0/0.01/0.6/0.08, dsn=5.7.0, status=bounced (host
smtp.gmail.com[209.85.227.109] said: 530 5.7.0 Must issue a
STARTTLS command first. a50sm3091196wer.42 (in reply to MAIL
FROM command))
Regards,
Your postfix needs to be compiled with TLS support, and TLS must be
enabled in the smtp client.
http://www.postfix.org/TLS_README.html#build_tls
(or install a TLS-enabled postfix package from your OS vendor)
I this it is. It understand the key smtp_tls_security_level
http://www.postfix.org/TLS_README.html#client_tls_levels
# main.cf
smtp_tls_security_level = may
It is what i did :
smtp_tls_security_level = may
smtp_tls_session_cache_database =
btree:/var/spool/postfix/tls/smtp_session_cache
Now i get this message :
postfix/smtp[3372]: certificate verification failed for
smtp.gmail.com[209.85.227.109]:587: untrusted issuer
/C=US/O=Equifax/OU=Equifax Secure Certificate Authority
I'm pretty surprised.
--
*Fabien COMBERNOUS*
/unix system engineer/
www.kezia.com <http://www.kezia.com/>
*Tel: +33 (0) 467 992 986*
Kezia Group
