DevHeads.net

postfix does not bounce instantly when remote party does not offer TLS

Hi,

delays=422/0.03/0.09/0, dsn=4.7.4, status=deferred (TLS is required, but
was not offered by host

seems to me like a permanent error - postfix sees it as a temporary one. I
would like to have instant bounce message for this case when TLS is not
available.

sending postfix is configured 'encrypted' os no fallback is wanted.

Comments

Re: postfix does not bounce instantly when remote party does not

By Herbert J. Skuhra at 09/09/2018 - 12:59

On Sun, Sep 09, 2018 at 06:49:07PM +0200, Stefan Bauer wrote:
<a href="http://www.postfix.org/postconf.5.html#plaintext_reject_code" title="http://www.postfix.org/postconf.5.html#plaintext_reject_code">http://www.postfix.org/postconf.5.html#plaintext_reject_code</a>

?

Re: postfix does not bounce instantly when remote party does not

By Stefan Bauer at 09/09/2018 - 13:06

seems to only work when postfix is server. I need this for postfix as
client when remote site is not offering tls.

Am So., 9. Sep. 2018 um 18:59 Uhr schrieb Herbert J. Skuhra <
... at gojira dot at>:

Re: postfix does not bounce instantly when remote party does not

By Viktor Dukhovni at 09/09/2018 - 12:57

This type of error is often fixed within the queue lifetime of a message.
If TLS was working for a destination, and was misconfigured down, the
miscreant administrator should notice and bring it back.

If you're requiring TLS support from strangers who might never have
offered TLS, and expect delivery or an immediate bounce, we don't
yet support that.

Re: postfix does not bounce instantly when remote party does not

By Stefan Bauer at 09/09/2018 - 13:01

any way to inform my users about TLS fails via bounce without waiting queue
lifetime?

Am So., 9. Sep. 2018 um 18:58 Uhr schrieb Viktor Dukhovni <
postfix- ... at dukhovni dot org>: