> da...@justemail.net wrote on 25.10.2017 at 2:35: > > Hello, > > My office receives email from UPS, since we're a customer. > > One of the domains that UPS emails from is apparently "iship.com". > > We're not getting those emails.
You and UPS require different sets of ciphers and have none in common. Either you have tinkered with server cipher requirements or UPS has edited their client cipher list. Check your postconf -n to find out if its you. http://www.postfix.org/TLS_README.html#server_cipher Testing with openssl s_client doesn’t prove anything about Postfix cipher settings (except that the connection is possible if no setting denies it.) The general rule is to use the defaults. Postfix defaults are set to err on the safe side. You’ll gain very little by altering them. If you try to “harden” Postfix you usually end up with no connection or fall back to plaintext. -- Cheers Petri https://metis.fi/en/petri tel:+358400505939
smime.p7s
Description: S/MIME cryptographic signature
