postmaster at thessaloniki dot gr wrote: > Hi there > > I have a weird problem with postfix 2.3 regarding TLS configuration. > Although the certificates are correctly installed and verified, the > STARTTLS command is offered > only on hosts on the same network with the mail server. > Hosts that access the mail server outside the internal network and > issue the EHLO commad they do not get the STARTTLS > on the server's reply. > > Mail server is behind proxy with a public IP that the server doesn't > know, and a private IP (server is aware of). > Port 25 is publicly accessible. Another Cisco "Fixup" casualty.
grkni...@mx1 ~ $ telnet smtp.thessaloniki.gr 25 Trying 84.205.252.93... Connected to smtp.thessaloniki.gr. Escape character is '^]'. 220 ********************************** EHLO scent-team.com 250-smtp.thessaloniki.gr 250-PIPELINING 250-SIZE 10240000 250-ETRN 250-XXXXXXXA 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN Disable smtp fixup in your router. It breaks more things than solves.
