Dear,
I installed Zimbra version 8.8.15 and install patch P30
and recive mail from domain in log view warning
postfix/smtpd[11635]: warning: permit_tls_clientcerts is requested, but "smtpd_tls_ask_ccert = no"
and
postfix/smtp[19936]: warning: DNSSEC validation may be unavailable
postfix/smtp[19936]: warning: reason: dnssec_probe 'ns:.' received a response that is not DNSSEC validated
Ples help what this warning and how resolve
Upgrade 8.8.15 and two warnings. TLS and DNSSEC
-
ArchanfelHUN
- Posts: 17
- Joined: Fri Sep 27, 2019 7:09 am
Re: Upgrade 8.8.15 and two warnings. TLS and DNSSEC
Hello!
This is the explanation: http://www.postfix.org/announcements/postfix-3.5.9.html
In short you can safely ignore this warning.
P
This is the explanation: http://www.postfix.org/announcements/postfix-3.5.9.html
In short you can safely ignore this warning.
P
Re: Upgrade 8.8.15 and two warnings. TLS and DNSSEC
ArchanfelHUN wrote:Hello!
This is the explanation: http://www.postfix.org/announcements/postfix-3.5.9.html
In short you can safely ignore this warning.
P
Thanks for your reply.
and this error
postfix/smtpd[11635]: warning: permit_tls_clientcerts is requested, but "smtpd_tls_ask_ccert = no"
Thanks
Re: Upgrade 8.8.15 and two warnings. TLS and DNSSEC
Hello I am trying to clear the same error I see in the daily report :
I am on Zimbra FOSS 8.8.15 P33 under Centos 7
While I read that this warning is irrelevenat, I tried to set “smtpd_tls_ask_ccert = yes” to see If I can clear it but I am unable to make the modification persistent.
I have tried with postconf as well I tried to edit /opt/zimbra/common/conf/main.cf. I read the I should modify the /opt/zimbra/common/conf/master.cf.in but could not find a straight way to find this setting in the file.
Which is the best way to modify postfix to test this setting?
Code: Select all
warning: permit_tls_clientcerts is requested, but "smtpd_tls_ask_ccert = no"Code: Select all
Aug 26 14:40:57 mail postfix/smtpd[24230]: connect from unknown[95.110.216.95]
Aug 26 14:40:57 mail postfix/smtpd[24230]: Anonymous TLS connection established from unknown[95.110.216.95]: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256
Aug 26 14:40:57 mail postfix/smtpd[24230]: NOQUEUE: filter: RCPT from unknown[95.110.216.95]: <notifiche-pec@aruba.it>: Sender address triggers FILTER smtp-amavis:[127.0.0.1]:10026; from=<notifiche-pec@aruba.it> to=<xxxx@yyyy.it> proto=ESMTP helo=<mx.pec.aruba.it>
Aug 26 14:40:57 mail postfix/smtpd[24230]: warning: permit_tls_clientcerts is requested, but "smtpd_tls_ask_ccert = no"
Aug 26 14:40:57 mail postfix/smtpd[24230]: NOQUEUE: filter: RCPT from unknown[95.110.216.95]: <notifiche-pec@aruba.it>: Sender address triggers FILTER smtp-amavis:[127.0.0.1]:10024; from=<notifiche-pec@aruba.it> to=<zzzz@yyyy.it> proto=ESMTP helo=<mx.pec.aruba.it>
Aug 26 14:40:57 mail postfix/smtpd[24230]: AC6F9936CCFF: client=unknown[95.110.216.95]
Aug 26 14:40:57 mail postfix/smtpd[24230]: disconnect from unknown[95.110.216.95] ehlo=2 starttls=1 mail=1 rcpt=1 data=1 quit=1 commands=7I have tried with postconf as well I tried to edit /opt/zimbra/common/conf/main.cf. I read the I should modify the /opt/zimbra/common/conf/master.cf.in but could not find a straight way to find this setting in the file.
Which is the best way to modify postfix to test this setting?