Sometimes when sending emails, I have the following error.
mail.log reads
postfix/smtp[924291]: 2E22E21203A8: to=<xxxxx.yyyy@somedomain.td>, relay=smtp3.9services.com[84.96.93.164]:25, delay=71998, delays=71998/0.03/0.27/0, dsn=4.7.4, status=deferred (TLS is required, but was not offered by host smtp3.9services.com[84.96.93.164])
I am not sure if it is a postfix configuration that must be tweaked (I’ve read on some forums about setting smtp_use_tls to may) or is it a port issue (if so what do i have to check)?
The dane setting will use may when no TLSA record is found, which includes the following policy:
With opportunistic TLS, mail delivery continues even if the server certificate is untrusted or bears the wrong name. When the TLS handshake fails for an opportunistic TLS session, rather than give up on mail delivery, the Postfix SMTP client retries the transaction with TLS disabled. Trying an unencrypted connection makes it possible to deliver mail to sites with non-interoperable server TLS implementations.
Based on the log entry you posted:
TLS is required, but was not offered by host
My guess is that the server requires an obsolete TLS or for some reason does not offer a TLS session while not allowing plain text.
In other words, this seems like a problem with the receiving server.