On Sun, 18 Jan 2015 08:39:01 -0800, Edgar Pettijohn
<ed...@pettijohn-web.com> wrote:
I've been lurking on the list for a while, and I'm finally getting close
on my config to replace postfix/dovecot. However, I'm having some
issues. I'm pretty sure I want to use auth in a listener context, but
its not working out for me.
I think you only need the auth-optional line is situations where you want
to relay email through this server via SMTP 25/tcp from your own computer
via a public IP address, and cannot setup the server to listen on the
separate submission port 587/tcp.
Also in the logs it shows "Server certificate verification failed on
session dcad1b1012daf5ab" which doesn't sound good,
This is not a show-stopper, it just means that whatever TLS certificate
the mail server is presenting cannot be verified by the other SMTP
endpoint involved.
It looks like you are using self-signed certs so this is to be expected
unless you setup your own CA (Certificate Authority) and then install your
CA's root certificate on all computers involved.
and finally the "accept from any for any tls" seems scary is that safe
or does it need work?
That options will force TLS encryption of outbound SMTP connections. If
the remote mail server does not support TLS, message delivery will fail.
You can test public mail servers for TLS support using these web sites.
mxtoolbox.com
starttls.info
checktls.com
--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
