Sorry, running 6.5-stable. -------- Eredeti üzenet -------- Be 2019. júl. 24. 19:13, Lévai, Dániel írta:
> Hi all! > > I have this on my relay host: > > smtpd.conf: > ca myCA cert "/path/to/myCA.pem" > > listen on egress port submission \ > tls-require verify \ > ca myCA > > Now with that I expected that it'll only accept smtp clients that provide a > certificate signed by myCA, but it turns out it accepts any certificate that > is trusted based on the default /etc/ssl/certs.pem file. > Besides (re)moving the stock certs file or any other intrusive/ugly > workaround, is there any way I could force a CA for those connections? > > Thanks for any hints, > Dani
publickey - leva@ecentrum.hu - 0x66E1F716.asc
Description: application/pgp-keys