Am 26.04.2014 18:04, schrieb Victor Faur: > 25 inet n - n - - smtpd -o smtpd_enforce_tls=yes -o > smtpd_sasl_auth_enable=yes -o > smtpd_client_restrictions=permit_sasl_authenticated,permit_mynetworks,check_ > relay_domains,reject_unauth_destination,reject > 587 inet n - n - - smtpd -o smtpd_enforce_tls=yes -o > smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o > smtpd_client_restrictions=permit_sasl_authenticated,reject > 465 inet n - n - - smtpd -o smtpd_enforce_tls=yes -o > smtpd_sasl_auth_enable=yes -o > smtpd_client_restrictions=permit_sasl_authenticated,reject > > TLS working, SSL not
beside the wrong talking about SSL and TLS because both are TLS which is nothing more than SSL >= 3.1 - you can google that port 465 needs -o smtpd_tls_wrappermode=yes and please google for the differences between STARTTLS and wrappermode, this is something you should really understand if you maintain servers BTW: smtpd_enforce_tls=yes on port 25 is pretty dumb if it is a public MX because you can't demand the sender that his server supports encryption for outgoing mails
