smptd_tls_security_level = encrypt

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

smptd_tls_security_level = encrypt

Virtual Xmas

    
Hello,

Running Postfix 2.10.1.

I am setting up an internal mail relay to receive mail from other internal clients.  I have a requirement that all email be received via TLS only.

I have configured TLS using our internal PKI and set the appropriate settings in main.cf and mail is being received via TLS according to the headers.

I have set smptd_tls_security_level = encrypt.  According to the documentation:

encrypt: Mandatory TLS encryption: announce STARTTLS support to remote SMTP clients, and require that clients use TLS encryption.

However, the server is still willing to accept non TLS unencrypted emails from smtp clients.

Am I still missing a setting?


Reply | Threaded
Open this post in threaded view
|

Re: smptd_tls_security_level = encrypt

Wietse Venema
Virtual Xmas:

> Hello,
>
> Running Postfix 2.10.1.
>
> I am setting up an internal mail relay to receive mail from other
> internal clients.? I have a requirement that all email be received via
> TLS only.
>
> I have configured TLS using our internal PKI and set the appropriate
> settings in main.cf and mail is being received via TLS according to the
> headers.
>
> I have set smptd_tls_security_level = encrypt.? According to the
> documentation:
>
> encrypt: Mandatory TLS encryption: announce STARTTLS support to remote
> SMTP clients, and require that clients use TLS encryption.
>
> However, the server is still willing to accept non TLS unencrypted
> emails from smtp clients.
>
> Am I still missing a setting?

TO REPORT A PROBLEM see http://www.postfix.org/DEBUG_README.html#mail

TO (UN)SUBSCRIBE see http://www.postfix.org/lists.html

Thank you for using Postfix.
Reply | Threaded
Open this post in threaded view
|

Re: smptd_tls_security_level = encrypt

Matus UHLAR - fantomas
In reply to this post by Virtual Xmas
On 01.10.18 10:21, Virtual Xmas wrote:

>Running Postfix 2.10.1.
>
>I am setting up an internal mail relay to receive mail from other
>internal clients.  I have a requirement that all email be received via
>TLS only.
>
>I have configured TLS using our internal PKI and set the appropriate
>settings in main.cf and mail is being received via TLS according to
>the headers.
>
>I have set smptd_tls_security_level = encrypt.  According to the
>documentation:
>
>encrypt: Mandatory TLS encryption: announce STARTTLS support to remote
>SMTP clients, and require that clients use TLS encryption.
>
>However, the server is still willing to accept non TLS unencrypted
>emails from smtp clients.
>
>Am I still missing a setting?

something overridden in master.cf?


--
Matus UHLAR - fantomas, [hidden email] ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Eagles may soar, but weasels don't get sucked into jet engines.