On Mon, Jun 17, 2024 at 11:39:27PM -0500, Paul Schmehl via Postfix-users wrote:
> That might have uncovered a problem.
>
> # posttls-finger -w -lsecure -C "www.stovebolt.com:465" “www.stovebolt.com"
>
> posttls-finger: Connected to www.stovebolt.com[108.174.193.28]:465
> posttls-finger: SSL_connect error to www.stovebolt.com[108.174.193.28]:465: -1
> posttls-finger: warning: TLS library problem: error:1408F10B:SSL
> routines:ssl3_get_record:wrong version number:ssl/record/ssl3_record.c:332:
Your port 465 "smtps" service is misconfigured, it is missing the
"-o smtpd_tls_wrapper_mode=yes" option. For example:
465 inet n - n - - smtpd
-o smtpd_tls_wrappermode=yes
-o smtpd_milters=
-o syslog_name=postfix/smtps
-o smtpd_sasl_auth_enable=yes
-o {smtpd_client_restrictions=reject_rbl_client
zen.spamhaus.org=127.0.0.4}
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_relay_restrictions=permit_sasl_authenticated,reject
-o smtpd_recipient_restrictions=
-o smtpd_data_restrictions=
-o smtpd_end_of_data_restrictions=
-o milter_macro_daemon_name=ORIGINATING
-o smtpd_milters=$mua_milters
-o always_add_missing_headers=yes
--
Viktor.
_______________________________________________
Postfix-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
