search for: smtpd_tls_req_ccert

...} protocol submission { ssl_cert = < /sec/vmail/mx.example.com.server.EC.crt.pem ssl_key = < /sec/vmail/mx.example.com.server.EC.key.pem ssl_verify_client_cert = no } It submits to a postfix instance, atm on the same host, [internal.mx.example.com]:465 inet n - n - - smtpd -o smtpd_tls_req_ccert=no with that setup, all works as expected. If I turn ON required client cert verification @ postfix, - -o smtpd_tls_req_ccert=no + -o smtpd_tls_req_ccert=yes with that add'l req't, postfix log reports "no client certificate presented" Jul 18 14:52:38 mx postfix/submit-from...

...path = private/auth smtpd_sasl_type = dovecot smtpd_tls_CAfile = /etc/pki/tls/certs/class3.crt smtpd_tls_ask_ccert = yes smtpd_tls_auth_only = yes smtpd_tls_cert_file = /etc/pki/tls/certs/r13151.ovh.net.crt smtpd_tls_key_file = /etc/pki/tls/private/r13151.ovh.net.key smtpd_tls_received_header = yes smtpd_tls_req_ccert = no smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_tls_session_cache smtpd_use_tls = yes soft_bounce = no tls_random_source = dev:/dev/urandom unknown_local_recipient_reject_code = 550 virtual_alias_domains = renelacroute.fr , nicolaspichot.fr , fakessh.eu virtual_alias_maps = has...

...path = private/auth smtpd_sasl_type = dovecot smtpd_tls_CAfile = /etc/pki/tls/certs/class3.crt smtpd_tls_ask_ccert = yes smtpd_tls_auth_only = yes smtpd_tls_cert_file = /etc/pki/tls/certs/r13151.ovh.net.crt smtpd_tls_key_file = /etc/pki/tls/private/r13151.ovh.net.key smtpd_tls_received_header = yes smtpd_tls_req_ccert = no smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_tls_session_cache smtpd_use_tls = yes soft_bounce = no tls_random_source = dev:/dev/urandom unknown_local_recipient_reject_code = 550 virtual_alias_domains = renelacroute.fr , nicolaspichot.fr , fakessh.eu virtual_alias_maps = has...

...= smtpd_tls_dkey_file = $smtpd_tls_dcert_file smtpd_tls_exclude_ciphers = smtpd_tls_key_file = /etc/ssl/private/postfix.pem smtpd_tls_loglevel = 0 smtpd_tls_mandatory_ciphers = medium smtpd_tls_mandatory_exclude_ciphers = smtpd_tls_mandatory_protocols = SSLv3, TLSv1 smtpd_tls_received_header = yes smtpd_tls_req_ccert = no smtpd_tls_security_level = may smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache smtpd_tls_session_cache_timeout = 3600s smtpd_tls_wrappermode = no smtpd_use_tls = yes soft_bounce = no stale_lock_time = 500s strict_7bit_headers = no strict_8bitmime = no strict_8bitmime_b...

..._tls_eecdh_grade = strong smtpd_tls_exclude_ciphers = smtpd_tls_fingerprint_digest = md5 smtpd_tls_key_file = smtpd_tls_loglevel = 0 smtpd_tls_mandatory_ciphers = medium smtpd_tls_mandatory_exclude_ciphers = smtpd_tls_mandatory_protocols = !SSLv2 smtpd_tls_protocols = smtpd_tls_received_header = no smtpd_tls_req_ccert = no smtpd_tls_security_level = smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtpd_tls_session_cache_timeout = 3600s smtpd_tls_wrappermode = no smtpd_use_tls = no soft_bounce = no stale_lock_time = 500s stress = strict_7bit_headers = no strict_8bitmime = no strict_8bitmim...

...tpd_tls_exclude_ciphers = smtpd_tls_fingerprint_digest = md5 smtpd_tls_key_file = /etc/ssl/private/server.pem smtpd_tls_loglevel = 0 smtpd_tls_mandatory_ciphers = medium smtpd_tls_mandatory_exclude_ciphers = smtpd_tls_mandatory_protocols = !SSLv2 smtpd_tls_protocols = smtpd_tls_received_header = no smtpd_tls_req_ccert = no smtpd_tls_security_level = smtpd_tls_session_cache_database = smtpd_tls_session_cache_timeout = 3600s smtpd_tls_wrappermode = no smtpd_upstream_proxy_protocol = smtpd_upstream_proxy_timeout = 5s smtpd_use_tls = yes soft_bounce = no stale_lock_time = 500s stress = strict_7bit_headers = no stric...

...d_tls_ccert_verifydepth = 5 smtpd_tls_cert_file = smtpd_tls_cipherlist = smtpd_tls_dcert_file = smtpd_tls_dh1024_param_file = smtpd_tls_dh512_param_file = smtpd_tls_dkey_file = $smtpd_tls_dcert_file smtpd_tls_key_file = $smtpd_tls_cert_file smtpd_tls_loglevel = 0 smtpd_tls_received_header = no smtpd_tls_req_ccert = no smtpd_tls_session_cache_database = smtpd_tls_session_cache_timeout = 3600s smtpd_tls_wrappermode = no smtpd_use_tls = no soft_bounce = no stale_lock_time = 500s strict_7bit_headers = no strict_8bitmime = no strict_8bitmime_body = no strict_mime_encoding_domain = no strict_rfc821_envelopes = n...

HI, > You could set > > syslog_facility = local5 > > and have all the log messages in the messages file. According to the output of command # doveadm log find every type of message goes to the file I was looking at, "/var/spool/maillog". >> So, is it postfix doing the local mail delivery, not dovecot? >> > To answer this question please post relevant

...rong smtpd_tls_exclude_ciphers = smtpd_tls_fingerprint_digest = md5 smtpd_tls_key_file = $smtpd_tls_cert_file smtpd_tls_loglevel = 0 smtpd_tls_mandatory_ciphers = medium smtpd_tls_mandatory_exclude_ciphers = smtpd_tls_mandatory_protocols = !SSLv2 smtpd_tls_protocols = smtpd_tls_received_header = no smtpd_tls_req_ccert = no smtpd_tls_security_level = smtpd_tls_session_cache_database = smtpd_tls_session_cache_timeout = 3600s smtpd_tls_wrappermode = no smtpd_use_tls = no soft_bounce = no stale_lock_time = 500s stress = strict_7bit_headers = no strict_8bitmime = no strict_8bitmime_body = no strict_mailbox_ownership...