On Wed, Feb 10, 2016 at 06:04:59PM +0000, Viktor Dukhovni wrote: > Well "postfix tls enable-client|server" already checks whether the > key client or server TLS settings are at their defaults, and if > not only suggests recommended settings without making any changes. > > Are you looking to avoid the "noisy" suggestions?
Yes. I am trying to avoid lots of -essentially useless once you configure tls- output each time there is a postfix upgrade. > This is indeed one of the goals of the new feature, but I thought > that for now (and perhaps long-term) this should be left up to > distributions, which install Postfix packages, rather than Postfix > itself. This is something that will make my life easier as postfix maintainer for Gentoo. No big deal if the answer is no. However, duplicating postfix tls effort seems suboptimal. -- Eray
