> On Feb 19, 2019, at 11:15 AM, A. Schulze <s...@andreasschulze.de> wrote:
>
>> I've not tested what happens
>> with server-side operation in that case, does it refuse service, or
>> try and fail in some manner?
>
> unsure if that's a open question or you expect me something to test?
I am not sure either. :-) I you want to help out, you could test
postscreen's use of the server-side proxy with deep-protocol
tests over TLS. I don't know how the proxy behaves when the server
initialization does not run for lack of certificates.
You'd still need to convince postscreen that it should offer TLS...
I don't recall whether use of tlsproxy(8) with smtpd(8) is supported,
there's presently no good reason to do that.
--
Viktor.
