Problem is generated by one of our Ironport systems which is trying to establish TLS connection. In Postfix server I already configured it:
smtpd_tls_mandatory_protocols = !SSLv2,!SSLv3 smtpd_tls_protocols = !SSLv2,!SSLv3 smtp_tls_protocols = !SSLv2,!SSLv3 I suspect that TLS client is not properly configured to establish connection. How to properly configure Postfix to enable all type of TLS connections ? With kind regards Zalezny On Sat, Dec 3, 2016 at 5:40 PM, @lbutlr <krem...@kreme.com> wrote: > On 12/2/16 12:16 PM, Wietse Venema wrote: > > With 'no shared ciphers' happening frequently, do we want to set >> up a TLS troubleshooting document, or is the decision tree too >> complex for such a document to be useful? >> > Considering how often the question is asked, probably. > > However, I think the error message in the logs is partly to blame since it > will come up in a grep search for 'error'. (yes, people should grep for > "error:" but they don't.) > > Instead of "Protocol error;" I'd suggest maybe "no protocol match;" or > similar wording that doesn't include 'error'. > > > > >