Re: TLS problem: no shared cipher?

2020-05-18 Thread Roland Freikamp
On 2020-05-17 12:07:29 -0600, @lbutlr wrote:
> > postfix/smtpd[17880]: connect from ...[...]
> > postfix/smtpd[17880]: SSL_accept error from ...[...]: -1
> > postfix/smtpd[17880]: warning: TLS library problem: error:1417A0C1:SSL
> > routines:tls_post_process_client_hello:no shared
> > cipher:ssl/

Re: TLS problem: no shared cipher?

2020-05-15 Thread Roland Freikamp
On 2020-05-15 16:55:50 -0400, Viktor Dukhovni wrote:
> > Or could it be that my certificate is ECDSA, but the other server
> > maybe only supports RSA?
>
> That's quite plausible, and would have been my guess even before you
> mentioned this. For interop, you need an RSA cert, and then you can
>

Re: TLS problem: no shared cipher?

2020-05-15 Thread Roland Freikamp
> grepp'ed with 'ciphers': > > smtp_tls_ciphers = medium > > smtp_tls_exclude_ciphers = aNULL,eNULL,CAMELLIA > > smtp_tls_mandatory_ciphers = medium > > tls_preempt_cipherlist = yes > > Before asking for help, try removing those settings. I've removed them; it did not change anything. The debug-l

Re: TLS problem: no shared cipher?

2020-05-15 Thread Roland Freikamp
On 2020-05-15 12:56:18 -0400, Wietse Venema wrote:
> Roland Freikamp:
> > Hi,
> >
> > I recently upgraded my mailserver-linux-system, which also upgraded Postfix
> > from 3.4.6 to 3.4.9, and renewed the TLS-certificates (Let's Encrypt).
> > The Postfix-config

TLS problem: no shared cipher?

2020-05-15 Thread Roland Freikamp
Hi, I recently upgraded my mailserver-linux-system, which also upgraded Postfix from 3.4.6 to 3.4.9, and renewed the TLS-certificates (Let's Encrypt). The Postfix-configuration did not change. Since then, some mails could not be delivered to my server, because it seems that the mailservers could n

postscreen with IP-ranges?

2019-11-12 Thread Roland Freikamp
Hi, I'm using postscreen on a mailserver. Unfortunately, this does not work with some bigger mail providers, since they send the mail from a random host in their mail-server-cluster, so postscreen sees a new IP for each retry, and so sometimes never accepts the mail. Is there a way around this?