I’m using Postfix as the mail transfer agent on my mail gateway to send and receive emails.
Because I’m communicating sensitive information, I’m using the TLS options to validate the receiver’s MX. He changed his certificate, so my TLS option in
domain.de fingerprint match=XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX
was wrong, and the mail was in my mail queue for 3 days before we noticed that it was stuck. Is there an option to hard bounce “TLS mails” if those options cannot be validated?
I searched the Postfix configuration documentation but did not find the solution I wanted.
I don’t know if you can hard bounce mails in that circumstance, but you can certainly turn on delay notifications.
Back in prehistory, when everyone ran sendmail, it would notify the sender if a mail couldn’t be delivered after four hours (by default). Postfix has a similar capability, but it’s disabled by default.
Set delay_warning_time = 4h in main.cf and you will get an email if a message you sent has been queued for four hours. Or choose a different warning time. But don’t make it too short; it’s normal for messages to get queued for a short time (e.g. up to an hour or two).
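A complementary queue check for the situation in the question, as an added example that is not part of the original question or answer: it scans text in the `postqueue -j` JSON format (Postfix 3.1 and later) for deferred mail whose delay reason looks TLS-related. The hint strings, the threshold, and the sample records are assumptions constructed for illustration.

```python
import json

# Substrings treated as signs of a TLS policy failure. These are assumptions:
# compare them with the delay_reason text your own Postfix writes and adjust.
TLS_HINTS = ("certificate", "tls")

def stuck_tls_mail(postqueue_json, now, max_age=4 * 3600):
    """Return (queue_id, recipient, age_seconds, reason) tuples for deferred
    recipients whose delay reason looks TLS-related and whose message has been
    queued for at least max_age seconds.

    postqueue_json: text in `postqueue -j` format, one JSON object per line.
    now: current Unix time in seconds.
    """
    hits = []
    for line in postqueue_json.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            msg = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip truncated or non-JSON lines
        if msg.get("queue_name") != "deferred":
            continue  # only mail that has already failed a delivery attempt
        age = now - int(msg.get("arrival_time", now))
        if age < max_age:
            continue  # short queueing is normal, as the answer notes
        for rcpt in msg.get("recipients", []):
            reason = rcpt.get("delay_reason", "")
            if any(hint in reason.lower() for hint in TLS_HINTS):
                hits.append((msg.get("queue_id"), rcpt.get("address"), age, reason))
    return hits

# Constructed sample records (not real queue output).
SAMPLE_NOW = 1700300000
def _rec(qid, queue, age, rcpt, reason):
    return json.dumps({"queue_name": queue, "queue_id": qid,
                       "arrival_time": SAMPLE_NOW - age, "sender": "me@example.com",
                       "recipients": [{"address": rcpt, "delay_reason": reason}]})
SAMPLE = "\n".join([
    _rec("4A1B2C3D4E", "deferred", 259200, "user@domain.de", "Server certificate not verified"),
    _rec("5B2C3D4E5F", "deferred", 3600, "other@domain.de", "Server certificate not verified"),
    _rec("6C3D4E5F6A", "deferred", 90000, "x@example.org", "Connection timed out"),
    _rec("7D4E5F6A7B", "active", 90000, "y@example.org", ""),
])

if __name__ == "__main__":
    for hit in stuck_tls_mail(SAMPLE, SAMPLE_NOW):
        print(hit)
```

On a live gateway the input would be the output of `postqueue -j` and `now` would be `time.time()`.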
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.