TLS Security Level
Jump to navigation
Jump to search
Some servers and clients might be stricter with TLS policies making in some case impossible for postfix to deliver an email. A typical error looks like this:
Jul 19 10:26:16 servername postfix/smtp[1234567]: C0DED34D: to=<someone@somewhere.else>, relay=mail.something.something[XXX.XXX.XXX.XXX]:25, delay=6, delays=0.06/0.02/5.4/0.48, dsn=5.7.1, status=bounced (host mail.something.something[XXX.XXX.XXX.XXX] said: 550 5.7.1 Session encryption is required (in reply to RCPT TO command))
To make sure postfix is able to deliver emails to such servers, by adapting its behavior, add the following in `/etc/postfix/main.cf`
smtp_tls_security_level = may smtpd_tls_security_level = may