On Mon, Sep 25, 2023 at 10:47:44PM +0200, A. Schulze via Postfix-users wrote:
> If operating SMTP clients with a client certificate is so dangerous > and has no value, why would google go that? Not, dangerous, just largely pointless, with *potential* complications, unless there are servers that can actually make use of said certificates. In the case of Google's outbound SMTP, perhaps various servers in fact do verify their client certificates. Or perhaps the TLS layer used by Gmail was configured with the same certs inbound and outbound without much analysis as to whether both are required. If the certs are always available and current, they'll generally just go unused without getting in the way. More pointless than harmful. > ยน) grep 'Trusted TLS connection established from' /var/log/mail | grep > '.google.com\[' That won't do any good on my end, my SMTP server does not request client certificates. :-) -- Viktor. _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org