If you chose to configure TLS mandatory, you'll have to live with the
fact, that some servers will not offer this service.
Don't try to force others to apply your policy, instead relax your own
policy. You can still monitor your maillog for non-TLS connections and
from time to time ask identified mail-admins politely to update their
On 02.02.2018 09:36, Peter Keel wrote:
I get these errors:
| TLS is required, but was not offered by host mx1.datacomm.ch[220.127.116.11]
| TLS is required, but was not offered by host relay.kfsb.ch[18.104.22.168]
Since I've made TLS for SMTP mandatory. The respective admins of these servers
might want finally at least enable voluntary TLS; some of their customers
apparently would like to receive mails from my server.
And by the way, RFC 2487 that is referred to for instance in the postfix manpage
and stated that one must not make TLS mandatory has been obsoleted by RFC 3207.
swinog mailing list