On Mon, Sep 09, 2013 at 09:06:20AM +0200, Luigi Rosa wrote:
> > Yes, but you do have to configure Postfix correctly.
>
> :) I managed to solve the problem, the key was smtp_tls_policy_maps, the main
> error I made was to put the server name instead the mail domain name (the
> recipient is on a di
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Viktor Dukhovni said the following on 09/09/2013 00:33:
> Yes, but you do have to configure Postfix correctly.
:) I managed to solve the problem, the key was smtp_tls_policy_maps, the main
error I made was to put the server name instead the mail doma
On Sun, Sep 08, 2013 at 11:56:32AM +0200, Luigi Rosa wrote:
> Per http://www.postfix.org/postconf.5.html#smtpd_tls_policy_maps if I use
> fingerprint in smtp_tls_policy_maps "there are no trusted certificate
> authorities. The certificate trust chain, expiration date, ...
> are not checked"
Yes,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Jerry said the following on 08/09/2013 13:24:
>> So maybe there is something in the configuration that does not tell
>> Postfix do use smtp_tls_policy_maps
>
> Why don't you post the output of: "postconf -n" and then we could tell
> you.
alias_da
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On Sun, 08 Sep 2013 12:42:46 +0200
Luigi Rosa articulated:
> Patrick Ben Koetter said the following on 08/09/2013 12:17:
>
> > You don't tell Postfix where to find the CA file that holds all CAs
> > you trust. Without a CA cert Postfix cannot verif
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Patrick Ben Koetter said the following on 08/09/2013 12:17:
> You don't tell Postfix where to find the CA file that holds all CAs you
> trust. Without a CA cert Postfix cannot verify a server cert.
But, according to documentation, setting smtp_tls_po
* Luigi Rosa :
> My goal is to use self-issued certificates to encrypt the communications
> between two Postfix MTAs and validate their identities
>
> Per http://www.postfix.org/postconf.5.html#smtpd_tls_policy_maps if I use
> fingerprint in smtp_tls_policy_maps "there are no trusted certificate
>
