> On Wed, Aug 02, 2017 at 10:00:58AM -0500, Noel Jones wrote: > >> >> smtpd_tls_loglevel = 2 >> > >> > Change that to 1, and also set: >> > >> > smtp_tls_security_level = 1 >> >> >> Oops, that should be >> >> smtp_tls_loglevel = 1 > > Indeed a typo, thanks for the corection, ... and then the OP must > *POST* the resulting logging. > > He's not posted the configuration of the sending system or > its logs. This is a waste of everyone's time. > > -- > Viktor. >
Hi viktor, By mistake, i have posted receiving server configuration. Below is the configuration of the sending system bounce_queue_lifetime = 40s command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2 debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5 html_directory = no inet_interfaces = all inet_protocols = all mail_owner = postfix mailq_path = /usr/bin/mailq manpage_directory = /usr/share/man maximal_queue_lifetime = 8h mydestination = $myhostname.$mydomain,$myhostname, $myhostname, localhost.localdomain mydomain = tcs.mil.in myhostname = AHQserver.tcs.mil.in mynetworks = 127.0.0.0/8, 201.123.80.0/24, 201.123.1.0/24, 201.123.2.0/24 mynetworks_style = subnet newaliases_path = /usr/bin/newaliases queue_directory = /var/spool/postfix queue_run_delay = 30s readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES sample_directory = /usr/share/doc/postfix-2.6.6/samples sendmail_path = /usr/sbin/sendmail setgid_group = postdrop smtp_enforce_tls = yes smtp_tls_CAfile = /etc/new_pki/tls/certs/ca-bundle.crt smtp_tls_loglevel = 1 smtp_tls_policy_maps = hash:/etc/postfix/tls_policy smtp_use_tls = yes smtpd_starttls_timeout = 300s smtpd_tls_CApath = /root/hyndavi/certs smtpd_tls_ask_ccert = no smtpd_tls_auth_only = no smtpd_tls_cert_file = /root/hyndavi/certs/ahq_smtp_ad...@tcs.mil.in.pem smtpd_tls_key_file = /root/hyndavi/certs/ahq_smtp_ad...@tcs.mil.in.key smtpd_tls_security_level = encrypt transport_maps = hash:/etc/postfix/transportmap unknown_local_recipient_reject_code = 550 virtual_alias_maps = ldap:/etc/postfix/virtual_alias_map_ldapusers, ldap:/etc/postfix/ldapdistlist.cf virtual_gid_maps = static:5000 virtual_mailbox_base = /var/mail/vmail virtual_mailbox_domains = AHQ.tcs.mil.in virtual_mailbox_maps = ldap:/etc/postfix/virtual_mailbox_ldapusers virtual_minimum_uid = 1000 virtual_uid_maps = static:5000 As i have already told ca-bundle.crt is having ca certificate. Both the sending and receiving server certificates have been generated with the same CA certificate. CA is a self signed certificate. After doing configuration changes whatever have been suggested, I have sent mail from AHQ server to 1CorpHQ server. below is the Log Aug 3 12:11:54 AHQ postfix/smtp[8325]: 4B68168543FC: to=<cdr.1cor...@1corphq.tcs.mil.in>, orig_to=<cdr.1cor...@tcs.mil.in>, relay=201.123.1.4[201.123.1.4]:25, delay=34, delays=34/0/0/0, dsn=4.7.5, status=deferred (Server certificate not verified) Can you help me to solve this problem -- Thanks & Regards Hyndavi rapuru Member( Research Staff) Central Research Laboratory Bharat Electronics Ltd Jalahalli Bangalore- 560 013 Int Ph No: 134 Off Ph No: 080-28381125 Off Fax No: 28381168 कागज़ के 3000 पन्नों के लिए एक पेड़ को काटा जाता है... पेड़ बचाएँ... पेड़ों का संरक्षण करें... हरियाली लाएँ... इस मेल का या इसकी किसी फाइल का प्रिंट तब तक न लें जब तक सचमुच ज़रूरत न हो !!!! Every 3000 Sheets of paper costs us a tree.. Save trees... Conserve Trees. Don't print this email or any Files unless you really need to!!!! Confidentiality Notice/गोपनीय सूचना इस इलेक्ट्रॉनिक संदेश में शामिल जानकारी और इस संदेश के साथ दिया गया संलग्नक केवल प्रेषिती के अनन्य इस्तेमाल के लिए है और इसमें गोपनीय या विशेषाधिकार प्राप्त जानकारी शामिल हो सकती है । यदि आप आशयित प्राप्तकर्ता नहीं हैं, तो कृपया तुरंत भारत इलेक्ट्रॉनिक्स के प्रेषक को बताएँ या supp...@bel.co.in पर मेल द्वारा सूचित करें और इस संदेश की सभी प्रतियाँ और उसके साथ लगे संलग्नकों को नष्ट कर दें । The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain confidential or privileged information. If you are not the intended recipient, please notify the sender at Bharat Electronics or supp...@bel.co.in immediately and destroy all copies of this message and any attachments.
