On 1/29/2014 10:32 PM, Viktor Dukhovni wrote: > On Wed, Jan 29, 2014 at 09:42:00PM -0500, Wietse Venema wrote: > >>> If postconf(1) is the same version of Postfix as smtp(8), then you >>> check with "postconf smtp_tls_loglevel". This parameter is not >>> defined when TLS support is not available. >> All TLS (and SASL) parameters are defined whether or not the feature >> is compiled in. However, the SMTP client and server will log warning >> when the feature is turned on. > Yes, I neglected to check whether parameters that are conditionally > compiled into smtp(8) and friends are also conditionally compiled > into postconf(1). It seems that nowdays, postconf picks up all > parameters even for features disabled at compile time. Was it > always this way? I have dim memories of seeing fewer parameters > from "postconf -d" in some long ago release when compiling without > TLS support. > >>> You can also run "ldd /usr/libexec/postfix/smtp" (adjust to where-ever >>> your daemon_directory is) to see whether the smtp(8) delivery >>> agent is linked with libssl and libcrypto. >> This is correct. > Or also "strings /usr/libexec/postfix/smtp | grep smtp_tls_loglevel", > the delivery agent definitely includes this only when TLS is enabled. > > You should also have warnings in the logs: > > TLS has been selected, but TLS support is not compiled in > > when TLS is enabled in main.cf (even when site-dependent), but smtp(8) > is not compiled with TLS support. That warning dates back to > postfix-2.2-20050119. > No warning in log. SSL must be linked in. It just occurred to me that the working server is using TLS also so that cannot be the issue. It has to be something specific with the smtp.att.yahoo.com server that has changed.
signature.asc
Description: OpenPGP digital signature
