On Tue, Sep 03, 2013 at 11:39:28AM -0700, FliedRice wrote:
> I do not know if this is just a strange coincidence or what, but now the
> google error has returned:
> Sep 3 10:22:03 boaz postfix/smtp[19614]: certificate verification failed
> for gmail-smtp-in.l.google.com[74.125.142.26]:25: untrusted issuer
> /C=US/O=Equifax/OU=Equifax Secure Certificate Authority
This is not an error. It is just informational. You don't trust
any CAs, so no certificates are verified.
If I recall correctly, sufficiently recent versions of Postfix (I
believe 2.9 or later) don't log this message when TLS is opportunistic
and the smtp_tls_loglevel is 1 or less (the recommended log level
is 1). If you find this log message annoying, upgrade to Postfix
2.9.7 or 2.10.2.
When remote certificate authenticity is not enforced, there is no
point complaining about it.
--
Viktor.
