My business deals with healthcare issues. For sending and receiving mail, we use TLS connections, but fail back to plain text if TLS cannot be properly negotiated.
I have email going to several TLS-enabled mail servers but the Cert Authorities for their certs are in the "untrusted issuer" realm of CAs within Postfix. How do I get these valid CAs part of the "trusted ones".
Here's an example:
Mar 21 14:02:15 mail postfix/smtp: setting up TLS connection to NaviSite.com.s5a1.psmtp.com[18.104.22.168]:25
Mar 21 14:02:16 mail postfix/smtp: certificate verification failed for navisite.com.s5a1.psmtp.com[22.214.171.124]:25: untrusted issuer /C=US/O=Equifax/OU=Equifax Secure Certificate Authority