Hello list.

I'm trying to configure OpenSMTPD 5.9.2 on a FreeBSD server but I'm seeing
anomalous behaviour with one of my listen directives.

The directive in question is:

  listen on egress tls-require hostname mail.mydomain.net

My only other listen directive is the usual localhost one.

The smtpd.conf man page states: "tls-require may be used to force clients
to establish a secure connection before being allowed to start an SMTP
transaction".

I ran a telnet test against the server to see how the forcing of TLS takes
place, but it didn't happen.  I was able to manually submit a message to
OpenSMTPD without TLS as follows:

$ telnet a.mx.mydomain.net 25
Trying xxxx:xxx:xx:xxx::x:xxxx...
Connected to a.mx.mydomain.net.
Escape character is '^]'.
220 mail.mydomain.net ESMTP OpenSMTPD
HELO jmann-mbp
250 mail.mydomain.net Hello jmann-mbp
[IPv6:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx],
pleased to meet you
MAIL FROM:<jmann@jmann-mbp>
250 2.0.0: Ok
RCPT TO:<ja...@mydomain.net>
250 2.1.5 Destination address valid: Recipient ok
DATA
354 Enter mail, end with "." on a line by itself
From: Jason Mann <jmann@jmann-mbp>
To: Jason Mann <ja...@mydomain.net>
Subject: Test 4

This is a test.
.
250 2.0.0: f20f3998 Message accepted for delivery
QUIT
221 2.0.0: Bye

What may be wrong here?

Kind regards,

Jason
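
Added example, not part of the original post and not OpenSMTPD code: a Python check that reads a pasted SMTP session like the telnet test above and lists every mail-transaction step the server accepted before STARTTLS completed. The function name, the `example.test` hosts and both session texts are constructed assumptions; the refusal line in the second session uses the 530 reply text from RFC 3207.

```python
import re

REPLY = re.compile(r"^(\d{3})[ -]")   # server reply line: 3-digit code, then space or hyphen
WATCHED = ("STARTTLS", "MAIL FROM", "RCPT TO", "DATA")

def accepted_in_clear(transcript):
    """Return the mail-transaction steps the server accepted before STARTTLS completed."""
    tls = in_data = False
    pending = None                     # watched client command still awaiting its reply
    findings = []
    for raw in transcript.splitlines():
        line = raw.strip()
        if in_data:                    # message content: skip up to the lone "."
            if line == ".":
                in_data, pending = False, "message body"
            continue
        reply = REPLY.match(line)
        if reply is None:              # typed by the client, or telnet's own output
            pending = next((v for v in WATCHED if line.upper().startswith(v)), None)
            continue
        if line[3] == "-":             # multi-line reply: wait for its final line
            continue
        code = reply.group(1)
        if pending == "STARTTLS":
            tls = tls or code == "220"
        elif pending and not tls and code[0] in "23":
            findings.append(f"{pending} -> {code}")
        in_data = pending == "DATA" and code == "354"
        pending = None
    return findings

# Constructed sessions with placeholder names (not captured from a real server).
CLEARTEXT_ACCEPTED = """\
220 mx.example.test ESMTP
MAIL FROM:<a@example.test>
250 2.0.0: Ok
RCPT TO:<b@example.test>
250 2.1.5 Destination address valid: Recipient ok
DATA
354 Enter mail, end with "." on a line by itself
Subject: test
.
250 2.0.0: 00000000 Message accepted for delivery
"""
TLS_ENFORCED = """\
220 mx.example.test ESMTP
MAIL FROM:<a@example.test>
530 Must issue a STARTTLS command first
"""
```

An empty list from `accepted_in_clear()` means no watched step was accepted in cleartext in that session; any entry names the command and the reply code that accepted it.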
