esackbauer Thanks for your reply.
It doesnt. I have verified from multiple sources, that outlook just outright ignores this behavior.
In Mailcow, the mail does not get past postfix, so there is no log of it in rspamd. I have checked that.
I have also checked the validity of my certificates with the mailcow helper.
helper-scripts/expiry-dates.sh
TLS expiry dates:
Postfix: Apr 6 09:33:16 2024 GMT
Dovecot: Apr 6 09:33:16 2024 GMT
Nginx: Apr 6 09:33:16 2024 GMT
Or just to double check with another tool from a completely different machine.
sslscan --starttls-smtp --no-ciphersuites --no-heartbleed --no-groups --no-compression mail.myserver.cz:25
Version: 2.1.2
OpenSSL 3.2.0 23 Nov 2023
Connected to 194.182.91.5
Testing SSL server mail.zsmszdarky.cz on port 25 using SNI name mail.zsmszdarky.cz
SSL/TLS Protocols:
SSLv2 disabled
SSLv3 disabled
TLSv1.0 enabled
TLSv1.1 enabled
TLSv1.2 enabled
TLSv1.3 enabled
TLS Fallback SCSV:
Server supports TLS Fallback SCSV
TLS renegotiation:
Secure session renegotiation supported
SSL Certificate:
Signature Algorithm: sha256WithRSAEncryption
RSA Key Strength: 4096
Subject: mail.zsmszdarky.cz
Altnames: DNS:mail.zsmszdarky.cz
Issuer: R3
Not valid before: Jan 7 09:33:17 2024 GMT
Not valid after: Apr 6 09:33:16 2024 GMT
I have also checked the validity of my certificates with the mailcow helper.
helper-scripts/expiry-dates.sh
TLS expiry dates:
Postfix: Apr 6 09:33:16 2024 GMT
Dovecot: Apr 6 09:33:16 2024 GMT
Nginx: Apr 6 09:33:16 2024 GMT
Or just to double check with another tool from a completely different machine.
sslscan --starttls-smtp --no-ciphersuites --no-heartbleed --no-groups --no-compression mail.myserver.cz:25
Version: 2.1.2
OpenSSL 3.2.0 23 Nov 2023
Connected to 194.182.91.5
Testing SSL server mail.zsmszdarky.cz on port 25 using SNI name mail.zsmszdarky.cz
SSL/TLS Protocols:
SSLv2 disabled
SSLv3 disabled
TLSv1.0 enabled
TLSv1.1 enabled
TLSv1.2 enabled
TLSv1.3 enabled
TLS Fallback SCSV:
Server supports TLS Fallback SCSV
TLS renegotiation:
Secure session renegotiation supported
SSL Certificate:
Signature Algorithm: sha256WithRSAEncryption
RSA Key Strength: 4096
Subject: mail.zsmszdarky.cz
Altnames: DNS:mail.zsmszdarky.cz
Issuer: R3
Not valid before: Jan 7 09:33:17 2024 GMT
Not valid after: Apr 6 09:33:16 2024 GMT