Thorsten Habich:
> If I remember correctly the certificate verification with connection
> reuse (so the tlsproxy gets involved) was fixed with:
>
> 20200620
>
> ??? Bugfix (introduced: Postfix 3.4): SMTP over TLS connection
> ??? reuse was broken for configurations that use explicit trust
> ??? anchors. Reported by Thorsten Habich. Fixed by calling DANE
> ??? initialization unconditionally (WTF). File: tlsproxy/tlsproxy.c.
>
> Might there still be a problem?
YOU can verify that, by using a transport map to SELECTIVELY send
mail over an SMTP client that has TLS smtp connection reuse turned
off so that it does not use tlsproxy.
main.cf:
transport_maps = hash:/etc/postfix/transport
master.cf:
smtp-noreuse .. .. .. .. .. .. smtp
-o smtp_tls_connection_reuse = yes
/etc/postfix/transport:
example.com smtp-noreuse:
Wietse
