Postfix MX/MSA instances: don't ask the remote SMTP client for a client certificate.

See postconf(5). This avoids the “(Client did not present a certificate)” messages in the Received headers.
author: Guilhem Moulin <guilhem@fripost.org> 2016-07-10 05:00:41 +0200
committer: Guilhem Moulin <guilhem@fripost.org> 2016-07-10 05:03:39 +0200
commit: 37464e75e1863a89d757077400543dea7b9317ac (patch)
tree: 44b1e9249be3622a48e5042b36512c461daf2103
parent: c52344acb365be570a638f9f256cc33730ffa616 (diff)
2 files changed, 0 insertions, 2 deletions
diff --git a/roles/MSA/templates/etc/postfix/main.cf.j2 b/roles/MSA/templates/etc/postfix/main.cf.j2
index 29f9480..e998f39 100644
--- a/roles/MSA/templates/etc/postfix/main.cf.j2
+++ b/roles/MSA/templates/etc/postfix/main.cf.j2
@@ -81,7 +81,6 @@ smtpd_tls_key_file              = /etc/postfix/ssl/smtp.fripost.org.key
 smtpd_tls_dh1024_param_file     = /etc/ssl/dhparams.pem
 smtpd_tls_session_cache_database=
 smtpd_tls_received_header       = yes
-smtpd_tls_ask_ccert             = yes
 
 # SASL
 smtpd_sasl_auth_enable          = yes
diff --git a/roles/MX/templates/etc/postfix/main.cf.j2 b/roles/MX/templates/etc/postfix/main.cf.j2
index f68dfdd..0f7acae 100644
--- a/roles/MX/templates/etc/postfix/main.cf.j2
+++ b/roles/MX/templates/etc/postfix/main.cf.j2
@@ -97,7 +97,6 @@ smtpd_tls_dh1024_param_file     = /etc/ssl/dhparams.pem
 smtpd_tls_CApath                = /etc/ssl/certs/
 smtpd_tls_session_cache_database=
 smtpd_tls_received_header       = yes
-smtpd_tls_ask_ccert             = yes
 
 
 # http://en.linuxreviews.org/HOWTO_Stop_spam_using_Postfix
author	Guilhem Moulin <guilhem@fripost.org>	2016-07-10 05:00:41 +0200
committer	Guilhem Moulin <guilhem@fripost.org>	2016-07-10 05:03:39 +0200
commit	37464e75e1863a89d757077400543dea7b9317ac (patch)
tree	44b1e9249be3622a48e5042b36512c461daf2103
parent	c52344acb365be570a638f9f256cc33730ffa616 (diff)