On 1/30/2014 8:59 AM, li...@rhsoft.net wrote: > > > Am 30.01.2014 15:51, schrieb Dennis Putnam: >> Thanks for your patience but why wouldn't the working server also be failing >> if TLS was indeed screwed up? > > because he does not force TLS > >> Here is the postconf -n output: > > snipped > >> In case it is needed here is the content of tls_policy: >> >> in.mailjet.com may >> smtp.att.yahoo.com:587 encrypt >> >> MailJet is the server that is working (Note: until this thread the entry for >> yahoo was the same) > > [harry@rh:/downloads]$ cat copy-paste.txt | grep tls > smtp_tls_loglevel = 2 > smtp_tls_policy_maps = hash:/etc/postfix/tls_policy > _____________________________________ > > that above is a grep on your "postconf -n" > where is "smtp_use_tls = yes"
That is the old deprecated setting. Please use the current smtp_tls_security_level = may -- Noel Jones > > and that is why you should always start with output of "postconf -n" > instead waste that much time for all involved people > _____________________________________ > > [root@rh:~]$ postconf -n | grep smtp_tls > smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt > smtp_tls_exclude_ciphers = DES-CBC3-SHA, DES-CBC3-MD5 > smtp_tls_loglevel = 1 > smtp_tls_note_starttls_offer = yes > smtp_tls_policy_maps = hash:/etc/postfix/tls_policy > smtp_tls_security_level = may > smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_scache > smtp_tls_session_cache_timeout = 3600s >
