PS: The peer is very picky wrt TLS, thats why this is an important problem. The peer log file shows
: Diagnostic-Code: X-Postfix; TLS is required, but was not offered by host mail.example.de[10.145.142.10] Return-Path: <xxx...@posteo.de> Received: from mout01.posteo.de (unknown [10.0.0.65]) by mout01.posteo.de (Postfix) with ESMTPS id CDAFB1A014F for <jupp.schm...@example.com>; Mon, 21 Jun 2021 10:31:44 +0200 (CEST) : So how comes that my MTA suddenly does not offer TLS, even though the listen lines say xname = "mail.example.de" pki $xname cert "/etc/ssl/public/mail.example.de.chain.pem" pki $xname key "/etc/ssl/private/smtpd.key.pem" pki $xname dhe auto listen on lo0 tls pki $xname listen on internal tls pki $xname listen on external tls pki $xname Regards Harri