Forum Discussion

Michael_Harwoo1's avatar
Michael_Harwoo1
Icon for Nimbostratus rankNimbostratus
Nov 27, 2015

SMTP STARTTLS Server side ONLY, Not Client side, on 11.6.0 ?

Can anyone tell me how to configure a virtual server to do SMTP and STARTTLS on the Serverside only and not on the client side. In 11.6 you can easily configure this with the new SMTPS profile (that does the STARTTLS) for a client side only STARTTLS virtual server. But I want a 2nd virtual server that negotiates STARTTLS on the Serverside only. But without a client side SSL profile set the new "SMTPS Profile" drop down box is greyed out as its only possible on the Client side in 11.6 even.

 

I have found various guides on the F5 website for client side StartTLS and some pages with irule suggestions for earlier software versions, but tried some of those too with no luck e.g. the one of this page https://devcentral.f5.com/articles/iruleology-ndashsmtp-start-tls spits out errors to the LTM logs in 11.6.

 

Does anyone know if its meant to be possible to do STARTTLS server side now in 11.6, or if not then knows an irule that will work for this in 11.6?