From 37464e75e1863a89d757077400543dea7b9317ac Mon Sep 17 00:00:00 2001
From: Guilhem Moulin <guilhem@fripost.org>
Date: Sun, 10 Jul 2016 05:00:41 +0200
Subject: Postfix MX/MSA instances: don't ask the remote SMTP client for a
 client certificate.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

See postconf(5).  This avoids the “(Client did not present a
certificate)” messages in the Received headers.
---
 roles/MX/templates/etc/postfix/main.cf.j2 | 1 -
 1 file changed, 1 deletion(-)

(limited to 'roles/MX/templates/etc/postfix/main.cf.j2')

diff --git a/roles/MX/templates/etc/postfix/main.cf.j2 b/roles/MX/templates/etc/postfix/main.cf.j2
index f68dfdd..0f7acae 100644
--- a/roles/MX/templates/etc/postfix/main.cf.j2
+++ b/roles/MX/templates/etc/postfix/main.cf.j2
@@ -97,7 +97,6 @@ smtpd_tls_dh1024_param_file     = /etc/ssl/dhparams.pem
 smtpd_tls_CApath                = /etc/ssl/certs/
 smtpd_tls_session_cache_database=
 smtpd_tls_received_header       = yes
-smtpd_tls_ask_ccert             = yes
 
 
 # http://en.linuxreviews.org/HOWTO_Stop_spam_using_Postfix
-- 
cgit v1.2.3