Hi, I recently upgraded my mailserver-linux-system, which also upgraded Postfix from 3.4.6 to 3.4.9, and renewed the TLS-certificates (Let's Encrypt). The Postfix-configuration did not change. Since then, some mails could not be delivered to my server, because it seems that the mailservers could not agree on a TLS algorithm:
postfix/smtpd[17880]: connect from ...[...] postfix/smtpd[17880]: SSL_accept error from ...[...]: -1 postfix/smtpd[17880]: warning: TLS library problem: error:1417A0C1:SSL routines:tls_post_process_client_hello:no shared cipher:ssl/statem/statem_srvr.c:2282: postfix/smtpd[17880]: lost connection after STARTTLS from ...[...] postfix/smtpd[17880]: disconnect from ...[...] ehlo=1 starttls=0/1 commands=1/2 Setting "smtpd_tls_ciphers = low" did not help; the only way to receive the mails was disabling TLS completely ("smtpd_tls_security_level = none"). But I would like to enable TLS again. Do you know what the reason could be and how it could be fixed? (Change in Postfix default configuration? Bad certificate? Bad TLS library? Bad TLS on other mailserver?) thanks, Roland