I know this is an old thread but I have the same issue and a similar setup. Checking on mxtoolbox no STARTTLS is advertised. I can telnet locally and postfix advertises STARTTLS correctly.Al-MacLean wrote:Our connection path is:
WAN -> pfSense (firewall) -> LAN
On the LAN side of the pfSense firewall, the next connection is
Untangle (only used for anti-spam, anti-phishing, web site policies, no firewall module)
then behind that are the internal servers (Zimbra email and other web servers) and the office computers.
But, I'm just happy I finally sorted it!
I have checked the option on untangle to allow and ignore TLS connections and restarted the spam blocker.
So I still have the issue even though it solved yours.
Cheers
Spart