On 7 Nov 2016, at 9:26, Florian Piekert wrote:
Hello everybody,
another issue around TLS/SSL from me.
I see tons of
==> mail/mail.log <==
[...]
Nov 7 15:03:29 blueberry postfix/smtpd[18091]:
mail-ve1eur01hn032d.outbound.protection.outlook.com[2a01:111:f400:fe1f::32d]:
TLS cipher list "aNULL:-aNULL:HIGH:@STRENGTH:!aNULL"
This is probably your problem. The austere cipher list is the result of
this setting, shown in your postconf output:
smtpd_tls_ciphers = high
This has the perverse effect of causing some senders to fallback to no
encryption and others to fail because they are configured to never do
that when a server claims to support TLS or are simply broken.
