Viktor Dukhovni via Postfix-users: > On Tue, Aug 15, 2023 at 11:33:08AM -0400, Wietse Venema via Postfix-users > wrote: > > > With that, the condition evaluates to: > > > > 1: session->tls_context == 0 true > > 2: state->tls->level == TLS_LEV_MAY presumably true > > 3: PREACTIVE_DELAY >= var_min_backoff_time false > > 4: !HAVE_SASL_CREDENTIALS ? > > > > [...] > > > > Condition 3 may need more nuance. The code is OK for non-probe > > messages; it prefers to retry later with TLS, over immediately > > falling back to plaintext. When the later retry also fails in the > > TLS handhake, then Postfix will immediately fall back to plaintext. > > > > However, probes don't retry, so maybe we should skip condition 3 > > for probes. > > That's my instinct also. Waiting out transient glitches by retrying on > the next delivery attempt is not an option for probes. And probes don't > leak message content in the clear, nor even the full envelope, just a > single sender or recipient.
What about condition 2? If the level is not MAY, Postfix won't retry plaintext. Wietse _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org