From ea52fa03c785ecd6da3d2e9d4ea4cc18a33ceebd Mon Sep 17 00:00:00 2001
From: Jonas Smedegaard <dr@jones.dk>
Date: Mon, 31 Aug 2015 14:25:00 +0200
Subject: Avoid smtpd_tls_CApath or smtpd_tls_CAfile to trick outlook.com.

---
 postfix/postfix.sh | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

(limited to 'postfix')

diff --git a/postfix/postfix.sh b/postfix/postfix.sh
index aaa449d..ceb51d0 100755
--- a/postfix/postfix.sh
+++ b/postfix/postfix.sh
@@ -323,14 +323,16 @@ case "$sasl_main_type" in
 	;;
   *) exit1 "ERROR: Wrong SASL type \"$sasl_main_type\"!";;
 esac
+# Avoid smtpd_tls_CApath or smtpd_tls_CAfile to trick outlook.com
+# See <http://postfix.1071664.n5.nabble.com/Problems-with-incoming-mails-from-outlook-com-td78356.html>
 if [ -n "$sslcert" ]; then
 	$postconf -c "$tempdir" -e 'smtpd_tls_cert_file = /etc/ssl/certs/postfix.pem'
 	$postconf -c "$tempdir" -e 'smtpd_tls_loglevel = 1'
 	$postconf -c "$tempdir" -e 'smtpd_use_tls = yes'
 	$postconf -c "$tempdir" -e 'smtp_tls_CApath = /etc/ssl/certs'
-	$postconf -c "$tempdir" -e 'smtpd_tls_CApath = /etc/ssl/certs'
+	$postconf -c "$tempdir" -e 'smtpd_tls_CApath = '
 	$postconf -c "$tempdir" -e 'lmtp_tls_CApath = /etc/ssl/certs'
-	$postconf -c "$tempdir" -e smtpd_tls_CAfile="${cacert_smtpd:-$cacert_default}"
+	$postconf -c "$tempdir" -e 'smtpd_tls_CAfile = '
 	$postconf -c "$tempdir" -e smtp_tls_CAfile="${cacert_smtp:-$cacert_default}"
 	$postconf -c "$tempdir" -e lmtp_tls_CAfile="${cacert_lmtp:-$cacert_default}"
 	$postconf -c "$tempdir" -e 'smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache'
-- 
cgit v1.2.3