Viktor Dukhovni:
> > Also, there is no need for smtp_tls_security_level=encrypt since the
> > client will not send plaintext anyway. Any smtp_tls_security_level
> > that is not "none" will suffice.
>
> Not quite sure what the TLS library will do if handed a request to
> do TLS when the security level happens to be "none". In particular,
> various TLS-related bits for the session may not be set, and crashes
> are possible. We need a check that the current destination's policy
> is not TLS_LEV_NONE.
In that case there is no smtp_tls_ctx. And the patch already
warns about that.
Wietse
