On Wed, Dec 15, 2021 at 10:00:45PM +0100, Peter Münster <p...@a16n.net> wrote:
> Hi, > > Since about 2-3 years I'm using successfully the following configuration > with Postfix clients: > > submission inet n - n - - smtpd > -o syslog_name=postfix/submission > -o smtpd_tls_security_level=encrypt > -o smtpd_tls_loglevel=1 > -o smtpd_sasl_auth_enable=yes > -o > smtpd_client_restrictions=reject_unknown_reverse_client_hostname,permit_sasl_authenticated,reject > -o smtpd_tls_auth_only=yes > -o > smtpd_recipient_restrictions=permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination > -o smtpd_sasl_security_options=noanonymous,noplaintext > -o smtpd_sasl_tls_security_options=noanonymous,noplaintext > -o > smtpd_relay_restrictions=permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination > -o smtpd_tls_chain_files=/etc/postfix/ecdsa.pem > > Now I would like to use also an Android client (preferably opensource). > I've tried K-9 and p≡p, but I always get this error: > > postfix/submission/smtpd[2982]: warning: TLS library problem: > error:14201076:SSL routines:tls_choose_sigalg: > no suitable signature algorithm:ssl/t1_lib.c:2792: > > How could I get an Android client and a Postfix server work together > please? > > TIA for any help, > -- > Peter It's just a guess, but maybe the problem is ECDSA. If you add an RSA key as well, it might work. Does that sound plausible? cheers, raf
