Hi,
You could add the external hostname to /etc/hosts, which then would
resolve to localhost again.
Alternatively, you could also make the non-TLS port bind on localhost
only, in this way it isnt exposed externally (passing -o
smtp_bind_address in master.cf).
Nicolas
Am 15.04.23 um 17:36 schrieb "Simon Wilson" (si...@simonandkate.net):
I see with SOGoSMTPServer that I can set
"smtp://localhost:587/?tls=YES=allowInsecureLocalhost" -
however this only works when the SMTP server is at localhost. I use a
non-localhost SMTP server which uses Let's Encrypt certs for Postfix,
but pinned to external domain names. Thus when using internal
addressing for this server the certificate verification fails when
submitted to by SOGo.
Is there a way to accept insecure non-localhost? Otherwise I have to
open submission port externally and loop back to it, which is not a
preferred option.