On 11 December 2016 at 08:43, John Fawcett <j...@voipsupport.it> wrote: > On 12/11/2016 09:25 AM, Dominic Raferd wrote: >> In general my postfix mail server is working well, it is receiving >> emails with optional STARTTLS. But I am occasionally seeing an error >> message like this in the log: >> >> 2016-12-11 00:32:19 dl1 postfix/smtpd[13665]: SSL_accept error from >> unknown[14.215.156.100]: lost connection >> >> The connection giving rise to the error is never from one of our >> machines/users. Should I be worried about it? Does it indicate some >> bad configuration on my side? >> >> Dominic > > Dominic > > it would help if you posted your configuration. > I suspect that you have the smtps service configured in master.cf. If > anyone is using it, it should be only your own users, so errors from > unrecognised ips will not be a problem and are probably not for any > legitimate reason. If you don't need the smtps service, you should > consider commenting it out completely in master.cf. > John >
Thanks John for your quick reply. I don't have any smtps configured in master.cf, I only have smtp port (25) open and I allow opportunistic TLS (which I require before authentication [for which I use dovecot]) i.e. STARTTLS. So any senders can use TLS if they want. I guess that I should just ignore these errors from unknown ips as they don't indicate a security problem on my side?
