9 Feb
2015
9 Feb
'15
3:06 p.m.
On 09.02.2015, at 14:19, Michael Ströder michael@stroeder.com wrote:
Michael Grimm wrote:
What I actually meant is: explicitly allow delivery for "broken" hosts on purpose, no automatic fallback.
This let's you easily specify any TLS policy per recipient site: http://www.postfix.org/postconf.5.html#smtp_tls_policy_maps
Sigh. A default smtp_tls_security_level = dane and exceptions per host in smtp_tls_policy_maps are surely more elegant than my approach using a different transport [1]
Thanks and regards, Michael
[1] which I somehow misunderstood in http://www.postfix.org/TLS_README.html#client_tls_dane