Hi! What's your suggestion to avoid the following problem?
Sep 22 13:11:22 postfix/smtpd[21000]: connect from dragon.trusteddomain.org[208.69.40.156] Sep 22 13:11:25 postfix/smtpd[21000]: SSL_accept error from dragon.trusteddomain.org[208.69.40.156]: -1 Sep 22 13:11:25 postfix/smtpd[21000]: warning: TLS library problem: error:1417A0C1:SSL routines:tls_post_process_client_hello:no shared cipher:ssl/statem/statem_srvr.c:2284: Sep 22 13:11:25 postfix/smtpd[21000]: lost connection after STARTTLS from dragon.trusteddomain.org[208.69.40.156] Sep 22 13:11:25 postfix/smtpd[21000]: disconnect from dragon.trusteddomain.org[208.69.40.156] ehlo=1 starttls=0/1 commands=1/2 I only see this warning with this particular client. I'm running Postfix 3.6-20200830 compiled with openssl-1.1.1g. Using Let's Encrypt certificate. My main.cf: smtp_tls_security_level = may smtp_tls_CAfile = /path/to/cacert.pem smtp_tls_cert_file = /path/to/fullchain.cer smtp_tls_key_file = /path/to/keyfile.key smtpd_tls_security_level = $smtp_tls_security_level smtpd_tls_CAfile = $smtp_tls_CAfile smtpd_tls_cert_file = $smtp_tls_cert_file smtpd_tls_key_file = $smtp_tls_key_file smtpd_tls_ask_ccert = no ...everything else tls related is default. Is it possible to not announce STARTTLS to some clients? -me
