On 2023-04-11 15:49:30, Matus UHLAR - fantomas via Postfix-users wrote:
Perhaps you could disable STARTTLS extension for this particular address by
using smtpd_discard_ehlo_keyword_address_maps:
smtpd_discard_ehlo_keyword_address_maps=hash:/etc/postfix/smtpd_keywords
/etc/postfix/smtpd_keywords:
65.125.209.36 STARTTLS
http://www.postfix.org/postconf.5.html#smtpd_discard_ehlo_keyword_address_maps
On 12.04.23 17:57, micah anderson via Postfix-users wrote:
This does allow them to connect and send, unfortunately it results in
that connection to not be encrypted (and they are a bank!) :(
I can tell, based on their certificate CN, that this is an outlook
server, but I wasn't able to obtain more information than that.
you can stil try to minimalize your requirements for SSL connection, e.g.
allow all tls protocols and ciphers on non-mandatory port and set capture
smtp communication from that server to see what they do offer...
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Boost your system's speed by 500% - DEL C:\WINDOWS$\*.*
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
