I got a report that our Postfix server wasn't using TLS on outbound
connections, and looking in the log, it seems like I get a lot of PIX
workarounds with both gmail.com and Microsoft's service:

  postfix/smtp[1243304]: 7BDFA6B7: enabling PIX workarounds: disable_esmtp for aspmx.l.google.com[74.125.205.27]:25

I have not followed Postfix history, but it looks to me that the PIX code
is more than 20 years old and was introduced to handle old Cisco firewalls.
Surely that's not the case for gmail.com and Microsoft? If I try
telnetting the gmail.com server, I get:

  telnet aspmx.l.google.com 25
  Trying 74.125.205.26...
  Connected to aspmx.l.google.com.
  Escape character is '^]'.
  220 ******************************************************************************

At the moment, I'm working around this by excluding disable_esmtp:

  smtp_pix_workarounds = delay_dotcrlf


Ole
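
Added example, not part of the original post: a Python script that scans Postfix smtp log lines like the one quoted above and lists the destinations where the disable_esmtp workaround was applied (Postfix then sends HELO instead of EHLO, so STARTTLS is never negotiated). The function names and every sample log line except the first are constructed for illustration.

```python
import re
from collections import defaultdict

# First line is the log entry quoted in the post (re-joined); the rest are constructed.
SAMPLE_LOG = """\
postfix/smtp[1243304]: 7BDFA6B7: enabling PIX workarounds: disable_esmtp for aspmx.l.google.com[74.125.205.27]:25
postfix/smtp[1243310]: 8C01A6B9: enabling PIX workarounds: disable_esmtp delay_dotcrlf for mx.example.net[192.0.2.10]:25
postfix/smtp[1243311]: 8C02A6C0: enabling PIX workarounds: delay_dotcrlf for mx.example.org[192.0.2.20]:25
postfix/smtp[1243312]: 8C03A6C1: to=<user@example.org>, relay=mx.example.org[192.0.2.20]:25, status=sent
""".splitlines()

# Matches the "enabling PIX workarounds" line; search() tolerates a syslog prefix.
PIX_RE = re.compile(
    r"postfix/smtp\[\d+\]: (?P<qid>[0-9A-Za-z]+): enabling PIX workarounds: "
    r"(?P<names>.+?) for (?P<host>[^\s\[]+)\[(?P<ip>[^\]]+)\]:(?P<port>\d+)"
)

def pix_events(lines):
    """Yield (queue_id, host, ip, workaround_names) for each matching line."""
    for line in lines:
        m = PIX_RE.search(line)
        if m:
            names = set(re.split(r"[,\s]+", m["names"].strip()))
            yield m["qid"], m["host"], m["ip"], names

def summarize(lines):
    """Per destination host: sessions with workarounds, and how many lost ESMTP."""
    report = defaultdict(lambda: {"sessions": 0, "esmtp_disabled": 0, "ips": set()})
    for _qid, host, ip, names in pix_events(lines):
        entry = report[host]
        entry["sessions"] += 1
        entry["ips"].add(ip)
        # disable_esmtp means no EHLO, hence no STARTTLS for that session.
        if "disable_esmtp" in names:
            entry["esmtp_disabled"] += 1
    return dict(report)

def plaintext_destinations(lines):
    """Hosts with at least one session where ESMTP (and so TLS) was disabled."""
    return sorted(h for h, e in summarize(lines).items() if e["esmtp_disabled"])

if __name__ == "__main__":
    for host, e in sorted(summarize(SAMPLE_LOG).items()):
        flag = "NO STARTTLS" if e["esmtp_disabled"] else "ok"
        print(f"{host:22} sessions={e['sessions']} "
              f"esmtp_disabled={e['esmtp_disabled']} {flag}")
```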
