4 juillet 2019 16:04 "Henry Jensen" <hjen...@mailbox.org> a écrit:
>
> I see. Is this the default behavior? I noticed that
> 
> action "relay" relay host smtp://my.internal.server tls no-verify
> 
> and
> 
> action "relay" relay host smtp://my.internal.server
> 
> (opportunistic TLS) leads to the same result: the mail is transferred using 
> TLS. Only when I use
> 
> action "relay" relay host smtp://my.internal.server tls
> 
> an error occurs "reason=SSL certificate check failed".
> 

no the default behaviour is opportunistic tls, so it'll do tls no-verify
but will fallback to plaintext if no tls is available.

tls no-verify won't hard fail if certificate is invalid, but it won't go
to plaintext either.

-- 
Gilles Chehade

https://www.poolp.org                                          @poolpOrg

--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Reply via email to