Page MenuHomeDevCentral

SMTP mail.nasqueron.org requires STARTTLS while RFC 2487 and RFC 3207 forbid this behavior
Closed, ResolvedPublic

Description

Currently, the setting has been hardened as smtpd_tls_security_level = encrypt.

We should revert to smtpd_tls_security_level = may

RFC 3207, section 4: "A publicly-referenced SMTP server MUST NOT require use of the STARTTLS extension in order to deliver mail locally."

References:

The setting is located at /etc/postfix/main.cf

Event Timeline

dereckson created this task.Jan 14 2017, 07:53
dereckson added a project: security.
dereckson closed this task as Resolved.

/etc/postfix/main.cf setting has been switched back to smtpd_tls_security_level = may, mail server restarted.