On Tue, Apr 11, 2023 at 08:32:19AM -0400, micah anderson via Postfix-users
wrote:
> >> The certificate that the server sends (smtpd_tls_cert_file) is [...]
> >> is the client refusing my certificate at this stage?
> >
> > See above. Your certificate details look fine:
>
> Good.
Of course some clients may expect a different issuing CA, or some other
non-obvious content.
> >> smtpd_tls_ask_ccert = yes
> >
> > You should probably NOT request client certificates on port 25.
> > Some clients are likely to not be able to decline the request.
> >
> > This could well be the problem.
>
> I removed that.
Good.
> Restarted postfix after these changes and triggered the remote client to
> try again, but unfortunately, the same error happens. Same thing in the
> pcap: I say Server Hello Done, and then the client sends a RST, ACK.
>
> Any other ideas of things I could try?
No, the rest requires insight from the sending end.
--
Viktor.
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
