[pfx] Re: Find outgoing unencrypted connections

2024-12-25 Thread Dirk Stöcker via Postfix-users
Hello Wietse Venema, This will print recipient addresses that were sent over TLS. Based on your suggestion I improved it a bit. In case someone else has the same problem, here is the full script. It prints outgoing non-TLS and at the end a summary. I'm sending mainly TLS except many DMARC repo

[pfx] Re: Find outgoing unencrypted connections

2024-12-24 Thread Dirk Stöcker via Postfix-users
Hello, Postfix logs TLS status details before it logs delivery status details. ... With plaintext delivery, that first line will not be logged. I know. In both cases the logging shows the SMTP client process name and process ID, and the remote SMTP server name, IP address, and port. With

[pfx] Find outgoing unencrypted connections

2024-12-23 Thread Dirk Stöcker via Postfix-users
Hello, for outgoing TLS connections with smtp_tls_loglevel=1 I can see the Trusted, Untrusted or Verified lines easily by a grep with " connection established to " in the log. Now I tried to find all remaining unencrypted connections and failed. I neither found any specific log line for the

[pfx] Re: Behavior of smtp_tls_security_level = dane

2024-03-17 Thread Dirk Stöcker via Postfix-users
Hello, On my machine, the authoritative server (BIND) only listens on the ethernet IP interface, while the recursive server (unbound) listens only on 127.0.0.1. It validates queries for my own domain, just like for any other. I wanted to prevent installing and caring for two software ins

[pfx] Re: Behavior of smtp_tls_security_level = dane

2024-03-16 Thread Dirk Stöcker via Postfix-users
Hello, DANE TLSA records are strictly enforced when "well-formed", where well-formed also requires a plausible TLSA "associated data" field (expected length for SHA2-256 and SHA2-512 digests and valid DER encoding of certs or keys for matching type Full(0)). That's what I did expect. Starting

[pfx] Behavior of smtp_tls_security_level = dane

2024-03-15 Thread Dirk Stöcker via Postfix-users
Hello, I recently did a misconfiguration of an internal mail server for a test system and as a result broke the TLSA record. Postfix still delivered mail to the system now with Trusted instead of Verified (BTW I find these two output texts misleading, each time I check the logs I look for a