On Wed, Mar 16, 2022 at 02:06:53AM +0100, Thomas Bohl wrote:
>> > > client# cat /tmp/server.crt >> /etc/ssl/certs.pem
>
>BTW it's /etc/ssl/cert.pem not /etc/ssl/certs.pem
yeah, type-o in the email on my part.
>> > Just go with free "ACME certificate".)
>>
>> Not possible.
>
>...or do not have
A private CA has issued server certs to mail.example.org. However, when
smtpd from another server in the example.org domain connects to
mail.example.org, TLS validation fails and the message exchange falls back
to smtp+notls
Is there way to add a cert chain somewhere that smtpd will do a chain
On Tue, Mar 15, 2022 at 09:40:34AM +1100, Dipesh Sharma wrote:
>Did you try the 'tls no-verify' option described here:
>https://man.openbsd.org/smtpd.conf#tls ? If you are sure that some host
>under example.com is talking to the correct mail.example.com host, it is OK
>to skip the certificate
On Tue, Mar 15, 2022 at 05:11:14PM +0100, Marcus MERIGHI wrote:
>Hello,
>
>rea...@catastrophe.net (rea...@catastrophe.net), 2022.03.15 (Tue) 00:27 (CET):
>> On Tue, Mar 15, 2022 at 09:40:34AM +1100, Dipesh Sharma wrote:
>> >Did you try the 'tls no-verify' option described here:
>>
On Wed, Mar 16, 2022 at 12:16:23AM +0100, Thomas Bohl wrote:
>
>> > IIUC the client server needs the CA Certificate that was used to
>> > generate the SMTP-server Certificate in its /etc/ssl/cert.pem (on
>> > OpenBSD).
>>
>> Thanks. I did try this but it's still not working out.
>>
>
>> Download
On Sat, Oct 21, 2023 at 01:18:34PM +0200, Harald Dunkel wrote:
[..]
>I tried
>
> # table localnet { 10.10.10.0/24 10.10.11.0/24 2001:db8:abcd:0012::/64 }
Try separating your networks with a comma, per the man page of smtpd.conf
table localnet { 10.10.10.0/24, 10.10.11.0/24,
