From 37464e75e1863a89d757077400543dea7b9317ac Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Sun, 10 Jul 2016 05:00:41 +0200 Subject: Postfix MX/MSA instances: don't ask the remote SMTP client for a client certificate. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit See postconf(5). This avoids the “(Client did not present a certificate)” messages in the Received headers. --- roles/MSA/templates/etc/postfix/main.cf.j2 | 1 - roles/MX/templates/etc/postfix/main.cf.j2 | 1 - 2 files changed, 2 deletions(-) diff --git a/roles/MSA/templates/etc/postfix/main.cf.j2 b/roles/MSA/templates/etc/postfix/main.cf.j2 index 29f9480..e998f39 100644 --- a/roles/MSA/templates/etc/postfix/main.cf.j2 +++ b/roles/MSA/templates/etc/postfix/main.cf.j2 @@ -81,7 +81,6 @@ smtpd_tls_key_file = /etc/postfix/ssl/smtp.fripost.org.key smtpd_tls_dh1024_param_file = /etc/ssl/dhparams.pem smtpd_tls_session_cache_database= smtpd_tls_received_header = yes -smtpd_tls_ask_ccert = yes # SASL smtpd_sasl_auth_enable = yes diff --git a/roles/MX/templates/etc/postfix/main.cf.j2 b/roles/MX/templates/etc/postfix/main.cf.j2 index f68dfdd..0f7acae 100644 --- a/roles/MX/templates/etc/postfix/main.cf.j2 +++ b/roles/MX/templates/etc/postfix/main.cf.j2 @@ -97,7 +97,6 @@ smtpd_tls_dh1024_param_file = /etc/ssl/dhparams.pem smtpd_tls_CApath = /etc/ssl/certs/ smtpd_tls_session_cache_database= smtpd_tls_received_header = yes -smtpd_tls_ask_ccert = yes # http://en.linuxreviews.org/HOWTO_Stop_spam_using_Postfix -- cgit v1.2.3