>>>>> On December 12, 2025 Viktor Dukhovni via Postfix-users >>>>> <[email protected]> wrote:
> On Fri, Dec 12, 2025 at 10:21:02AM -0500, Bill Cole via Postfix-users wrote: >> > Dec 7 20:10:45 smtp2 postfix/smtpd[29026]: warning: TLS library >> > problem: error:14094412:SSL routines:ssl3_read_bytes:sslv3 alert bad >> > certificate:../ssl/record/rec_layer_s3.c:1544:SSL alert number 42: >> > >> This one is interesting because it is explicit about the problem. It does >> not like something about your certificate. which could be one or more of: > But since, with unathenticated opportunistic TLS in SMTP there's not > just reason to expect any sort of "valid" certificate, the particular > client is merely stupidly shoorting itself in the foot. Just let it > do that. Not the OP's problem. Thank you Bill and Viktor, I had been planning to get a real certificate when I upgrade the OS and postfix.. I'll see if that resolves the issue. Probably look into DANE/etc as well. I've got a pretty long list of deferred TLC... As I said, they always retry and succeed (with TLS, even) so not too worried about that. And yes, as Viktor wrote, TLS should be opportunistic on port 25 so not exactly my problem. The other one I guess I can wait a month and see if they have sorted themselves out by my next statement.. but in that case I'm currently losing mail I want so even if not technically my problem, I would like to do something about it sooner than later if it continues.. thanks, Greg _______________________________________________ Postfix-users mailing list -- [email protected] To unsubscribe send an email to [email protected]
