reject_unverified_recipient is no option as remote sites don't like
probing/verify requests. After rechecking, i had a typo in my regex.

Damn! It was working as documented. Sorry.


Am Mi., 16. Jan. 2019 um 13:17 Uhr schrieb Wietse Venema <
wie...@porcupine.org>:

> Stefan Bauer:
> > Hi,
> >
> > how can the following error be detected and an instant bounce/reject will
> > be send to the sender?
> >
> > -- 880 Kbytes in 3 Requests.
> > root@mx1:~# mailq
> > -Queue ID-  --Size-- ----Arrival Time---- -Sender/Recipient-------
> > A97288008B   776694 Sun Jan 13 13:14:29  sender@sender
> >                                          (Cannot start TLS: handshake
> > failure)
>
> http://www.postfix.org/postconf.5.html#reject_unverified_recipient.
>
> > Jan 15 14:23:01 mx1 smtp[5985]: SSL_connect error to
> recipient.tld[ip]:25:
> > -1
> > Jan 15 14:23:01 mx1 smtp[5985]: warning: TLS library problem:
> > error:141A318A:SSL routines:tls_process_ske_dhe:dh key too
> > small:../ssl/statem/statem_clnt.c:1472:
> > Jan 15 14:23:01 mx1 smtp[5985]: A97288008B: to=<recipient@recipient>,
> > relay=recipient.tld[ip]:25, delay=173312, delays=173282/15/15/0,
> dsn=4.7.5,
> > status=deferred (Cannot start TLS: handshake failure)
> >
> > smtp_delivery_status_filter does not seem to have any effect.
>
> Then you made a mistake. Which mistake? Insufficient data.
>
>         Wietse
>

Reply via email to