Thanks and sorry for my English. 

I noticed in the meantime that there is no standard behavior for that code.

I was referring to this case: messages from Facebook, Messagelabs and others
TO Postfix.
Those sources are capable of using an encryption protocol, but I often
receive messages in plain text with no STARTTLS attempt.

I don't want content in plain text when the source is known as TLS/SSL
capable.
I made a policy to cache sources that are using an encryption protocol and
defer otherwise, with 430 4.7.0.

Again, thank you.

Marius.


-----Original Message-----
From: owner-postfix-us...@postfix.org
[mailto:owner-postfix-us...@postfix.org] On Behalf Of Wietse Venema
Sent: Saturday, October 31, 2015 4:32 PM
To: Postfix users
Subject: Re: Is there any standard behavior in response to STARTTLS 430
4.7.0

Marius Gologan:
> Is there any standard behavior in respect to 430 4.7.0? 

The standard says that this is a soft error, i.e. delivery may succeed at a
different time or server.

> For example, clients such as facebook, messagelabs don't deliver 
> messages using TLS constantly.

Me no understand.

> Would they retry immediately with TLS or they will keep rotating IPs 
> until one is using STARTTLS?

That is up to the client. It may try TLS on other IP addresses before
falling back to plaintext, or it may fall back to plaintext immediately
(Postfix default behavior). Postfix can be configured to return mail as
undeliverable after trying TLS on other IP addresses (by setting
smtp_delivery_status_filter); that has effect only for deliveries where TLS
is required.

        Wietse
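
The policy described at the top of this thread (remember sources seen using TLS, defer them with 430 4.7.0 when they later arrive in plaintext) can be sketched as a Postfix policy-delegation decision function. This is an added example, not code from the thread; the cache key, TTL, reply text and sample requests are assumptions.

```python
# Added example: decision logic for a Postfix policy-delegation service.
# Cache key, TTL and reply text are assumptions, not taken from the thread.
import time

TTL = 30 * 24 * 3600  # assumed: remember a TLS-capable source for 30 days
DEFER = "430 4.7.0 TLS expected from this source, retry with STARTTLS"

def parse_request(text):
    """Parse one policy request: name=value lines ended by an empty line."""
    attrs = {}
    for line in text.splitlines():
        if not line:
            break
        name, _, value = line.partition("=")
        attrs[name] = value
    return attrs

def source_key(attrs):
    """Assumed key: last two labels of the client name, else the client IP.
    Large senders rotate IPs, so a per-IP cache would rarely match."""
    name = attrs.get("client_name", "unknown").lower().rstrip(".")
    labels = name.split(".")
    if name != "unknown" and len(labels) >= 2:
        return ".".join(labels[-2:])
    return attrs.get("client_address", "")

def decide(attrs, cache, now=None):
    """Return the action; cache maps source key -> last time TLS was seen."""
    now = time.time() if now is None else now
    key = source_key(attrs)
    if attrs.get("encryption_protocol"):  # empty on a plaintext session
        cache[key] = now
        return "DUNNO"
    seen = cache.get(key)
    if seen is not None and now - seen <= TTL:
        return DEFER  # known TLS-capable source arrived without STARTTLS
    return "DUNNO"

def respond(request_text, cache, now=None):
    """Reply as sent back to smtpd: action line plus terminating blank line."""
    return "action=%s\n\n" % decide(parse_request(request_text), cache, now)

# Constructed sample requests (documentation IPs, example.com names).
TLS_REQ = ("request=smtpd_access_policy\nprotocol_state=RCPT\n"
           "client_address=192.0.2.10\nclient_name=mx1.example.com\n"
           "encryption_protocol=TLSv1.2\n\n")
PLAIN_REQ = ("request=smtpd_access_policy\nprotocol_state=RCPT\n"
             "client_address=192.0.2.11\nclient_name=mx2.example.com\n"
             "encryption_protocol=\n\n")
```

Whether the deferred client then retries with TLS is, as the reply above says, up to the client, so mail deferred this way should be watched for senders that never switch.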
