nuked like 80-90% of incomming spam.
Now it's below 5% of incomming traffic. Not sure if I would implement it
now again (was worth it when we implemented it though).
It works only if you have a small number of users that need forwarding
back to you.
lg,
rupi
--
Rainer Ruprechtsberger
Volks
On 08.07.20 14:34, Viktor Dukhovni wrote:
>
> /var/spool/postfix/etc/ssl/certs/ca-certificates.crt !=
> /etc/ssl/certs/ca-certificates.crt
>
> Why are you running s_client with that particular choice of filename?
> Along with any private keys, DH parameters, ... the CAfile is loaded by
>
On 08.07.20 13:12, Christian Kivalo wrote:
[...]
> How did you call posttls-finger? Did you use "-F" and point it to
> /etc/ssl/certs/ca-certificates.crt?
>
>> But I do trust this CA:
>> smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
> This setting does not affect posttls-finger
Thanks - I
Hi,
> cat server.cer intermediate.cer > server_chain.cer
>
> After that in the main.cf you use the server_chain.cer as
> smtpd_tls_cert_file.
>
my problem is the other direction - I want to verify a remote SMTP
server. Postfix is a smtp client in this instance.. TLS verification is
required for
icate is signed by above mentioned CA (which
posttls-finger says it doesn't trust).
My system is a Debian Buster, postfix version 3.4.10-0+deb10u1.
Any pointers to resolve this would be appreciated.
lg,
--
Rainer Ruprechtsberger
Volkshilfe Oberösterreich
IT
4020 Linz, Glimpfingerstrasse 48
er it earlier) I just c&p'd.
However - it does not seem to do anything. Any mail sent to such a
destination still gets a 4.. status.
Any help debugging whats going on would be appreciated.
/r
--
Rainer Ruprechtsberger
Volkshilfe Oberösterreich
IT
4020 Linz, Glimpfingerstrasse 48
Tel.: +4
