> On Sep 10, 2018, at 12:06 PM, Wietse Venema <wie...@porcupine.org> wrote:
>
> What about this?
>
> Example 1: convert specific soft TLS errors into hard errors, by over-
> riding the first number in the enhanced status code.
>
> /etc/postfix/main.cf:
> smtp_delivery_status_filter = pcre:/etc/postfix/smtp_dsn_filter
>
> /etc/postfix/smtp_dsn_filter:
> /^4(\.\d+\.\d+ TLS is required, but host \S+ refused to start TLS:
> .+)/
> 5$1
> /^4(\.\d+\.\d+ TLS is required, but was not offered by host .+)/
> 5$1
> # Do not change the following into hard bounces. They may
> # result from a local configuration problem.
> # 4.\d+.\d+ TLS is required, but our TLS engine is unavailable
> # 4.\d+.\d+ TLS is required, but unavailable
> # 4.\d+.\d+ Cannot start TLS: handshake failure
A bit tricky to match exactly the right conditions, but plausible.
I did not remember whether one could override tempfails to hardfails,
so I did not suggest this approach...
--
Viktor.
