On Tue, Aug 15, 2023 at 11:51:07AM -0400, Wietse Venema via Postfix-users wrote:

> > That's my instinct also.  Waiting out transient glitches by retrying on
> > the next delivery attempt is not an option for probes.  And probes don't
> > leak message content in the clear, nor even the full envelope, just a
> > single sender or recipient.
> 
> What about condition 2? If the level is not MAY, Postfix
> won't retry plaintext.

That's OK, since presumably the domain in question is unreachable.  TLS
is not optional at any of the other levels.

    - encrypt
    - dane (with TLSA records found)
    - dane-only
    - fingerprint
    - verify / secure

And of course with "none", we wouldn't have a TLS handshake failure in
the first place.  So, naturally, the opportunistic STARTTLS "may" is the
only level of interest.

The reader should note that the policy level during delivery is the
"effective" level after DANE TLSA record lookup, so "dane" already
degraded to "may" by that point if TLSA records were not present.

-- 
    Viktor.
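As an added illustration (not part of the original message or of Postfix's
documentation), a main.cf and smtp_tls_policy_maps fragment contrasting the
default opportunistic level, where a handshake failure can be followed by a
cleartext retry, with levels that never fall back; the domains, file path and
match= names are placeholders.

```conf
# main.cf (added example, placeholder values)
smtp_tls_security_level = may          # default: opportunistic, cleartext fallback allowed
smtp_dns_support_level  = dnssec       # needed for "dane" to find usable TLSA records
smtp_tls_policy_maps    = hash:/etc/postfix/tls_policy

# /etc/postfix/tls_policy (run "postmap" after editing)
# "dane": effective level becomes "may" when no TLSA records are found,
#         so only then can a handshake failure lead to a cleartext retry.
example.com     dane
# "dane-only": no TLSA records -> delivery is deferred, never sent in the clear
example.net     dane-only
# "encrypt": TLS mandatory regardless of DNS; a handshake failure -> defer
example.org     encrypt
# "secure": mandatory TLS plus certificate name verification against match=
mail.example    secure match=mail.example:.mail.example
```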
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org