On Mon, 2024-03-11 at 08:57 +0100, Alexander Leidinger via Postfix- users wrote: > Am 2024-03-11 05:19, schrieb Glenn Tenney via Postfix-users: > > > (2) Postfix sends to gmail, but does not encrypt when sending. > > You only tell the receiving side of postfix to set the encrypt level > to > "may". For the sending side you do not have such a setting: > smtp_tls_security_level = ... >
To Glenn: In addition, *smtp_tls_policy_maps* is good for detail setting: https://www.postfix.org/TLS_README.html#client_tls_encrypt > Maybe you also want to set the TLS protocols for the sending side > (sending and receiving side have different config options, "smtp_..." > vs > "smtpd_..."): > smtp_tls_protocols = ... > > > smtp_tls_CApath = /etc/ssl/certs > > smtp_tls_loglevel = 1 > > smtpd_tls_cert_file = > > /usr/local/etc/letsencrypt/live/domain.name/fullchain.pem > > smtpd_tls_key_file = > > /usr/local/etc/letsencrypt/live/domain.name/privkey.pem > > smtpd_tls_protocols = !SSLv2, !SSLv3 > > smtpd_tls_security_level = may > > smtpd_use_tls = yes > > Bye, > Alexander. > Thanks, Byunghee from South Korea
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org