> On Dec 5, 2016, at 4:40 AM, Zalezny Niezalezny <zalezny.niezale...@gmail.com> > wrote: > > Problem is generated by one of our Ironport systems which is trying to > establish TLS connection. > In Postfix server I already configured it: > > smtpd_tls_mandatory_protocols = !SSLv2,!SSLv3 > smtpd_tls_protocols = !SSLv2,!SSLv3 > smtp_tls_protocols = !SSLv2,!SSLv3 > > I suspect that TLS client is not properly configured to establish connection. > > How to properly configure Postfix to enable all type of TLS connections ?
You begin by posting a properly detailed problem description. The above isn't even close. http://postfix.1071664.n5.nabble.com/TLS-issue-td87598.html#a87612 http://www.postfix.org/DEBUG_README.html#mail http://www.postfix.org/DEBUG_README.html#sniffer To decode TLS packet dumps: $ tshark -r /file/name -V -x and look for blocks of text starting with "Secure Socket". The configuration error is probably on the Ironport, so after ruling out Postfix mistakes a packet dump will be needed to see what's going wrong during the handshake. -- Viktor.
