|SUBJECT ||Re: [Hangout - NYLXS] Adding Additional domains and outgoing email
|On Wed, Jan 05, 2022 at 11:09:56PM -0500, Viktor Dukhovni wrote:
> On Thu, Jan 06, 2022 at 02:09:45PM +1100, raf wrote:
> > > is on - so it is asking for client certificates?
> > > But that is really not authetication, if I understand things.
> > It's asking for them (from all clients, even for remote
> > mail servers sending you mail which isn't helpful), but
> > it's only asking, not requiring. It's better to require
> > them for the submission service in master.cf and then
> > match the client certificates against a list of known
> > fingerprints.
> I don't think that requiring client certs is a best practice. It
> precludes concurrent use of alternative authentication methods. Just
> asking is generally enough
Thanks. But even so, it should probably still only be
a -o override in master.cf rather than in main.cf.
Hangout mailing list