From a5f2cae6185ab68999e75fbbddfc8fb3569a6023 Mon Sep 17 00:00:00 2001
From: Wietse Z Venema
-postfix-mta-sts-resolver, supports domains with MTA-STS.
+postfix-mta-sts-resolver, supports domains with MTA-STS as of +release 1.5.0 (February 2025). diff --git a/postfix/html/TLS_README.html b/postfix/html/TLS_README.html index f0f985573..4dc06dcb1 100644 --- a/postfix/html/TLS_README.html +++ b/postfix/html/TLS_README.html @@ -552,8 +552,8 @@ and OE (5.01 Mac on all ports).It is strictly discouraged to use this mode from main.cf. If you want to support this service, enable a special port in master.cf and specify "-o smtpd_tls_wrappermode=yes" (note: no space around -the "=") as an smtpd(8) command line option. Port 465 (smtps) was -once chosen for this feature. +the "=") as an smtpd(8) command line option. Port 465 (submissions, +formerly called smtps) is the most common example.
Example:
@@ -561,7 +561,7 @@ once chosen for this feature.@@ -1065,7 +1065,7 @@ key configuration/etc/postfix/master.cf: - smtps inet n - n - - smtpd + submissions inet n - n - - smtpd -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
These sections show how to send mail to a server that does not -support STARTTLS, but that provides the SMTPS service +support STARTTLS, but that provides the submissions (smtps) service on TCP port 465. Depending on the Postfix version, some additional tooling may be required.
The Postfix SMTP client has SMTPS support built-in as of version +
The Postfix SMTP client has submissions service support built-in +as of version 3.0. Use one of the following examples, to send all remote mail, -or to send only some remote mail, to an SMTPS server.
+or to send only some remote mail, to a submissions (smtps) server. -The first example will send all remote mail over SMTPS through -a provider's server called "mail.example.com":
+The first example will send all remote mail to through a +provider's submissions server called "mail.example.com":
@@ -2595,11 +2596,12 @@ a provider's server called "mail.example.com":/etc/postfix/main.cf: - # Client-side SMTPS requires "encrypt" or stronger. + # Client-side submissions requires "encrypt" or stronger. smtp_tls_security_level = encrypt smtp_tls_wrappermode = yes # The [] suppress MX lookups. - relayhost = [mail.example.com]:465 + relayhost = [mail.example.com]:submissions
The second example will send only mail for "example.com" via -SMTPS. This time, Postfix uses a transport map to deliver only -mail for "example.com" via SMTPS:
+The second example will send only mail for "example.com" using +the submissions (smtps) service. +This time, Postfix uses a transport map to deliver only +mail for "example.com" using the submissions (smtps) service:
-@@ -2607,11 +2609,11 @@ mail for "example.com" via SMTPS: transport_maps = hash:/etc/postfix/transport /etc/postfix/transport: - example.com relay-smtps:example.com:465 + example.com relay-submissions:example.com:submissions /etc/postfix/master.cf: - relay-smtps unix - - n - - smtp - # Client-side SMTPS requires "encrypt" or stronger. + relay-submissions unix - - n - - smtp + # Client-side submissions service requires "encrypt" or stronger. -o smtp_tls_security_level=encrypt -o smtp_tls_wrappermode=yes@@ -2625,81 +2627,7 @@ authentication.Postfix < 3.0
-Although older Postfix SMTP client versions do not support TLS -wrapper mode, it is relatively easy to forward a connection through -the stunnel program if Postfix needs to deliver mail to some legacy -system that doesn't support STARTTLS.
- -Postfix < 3.0: Sending all remote mail to an SMTPS server
- -The first example uses SMTPS to send all remote mail to a -provider's mail server called "mail.example.com".
- -A minimal stunnel.conf file is sufficient to set up a tunnel -from local port 11125 to the remote destination "mail.example.com" -and port "smtps". Postfix will later use this tunnel to connect to -the remote server.
- --- --/path/to/stunnel.conf: - [smtp-tls-wrapper] - accept = 11125 - client = yes - connect = mail.example.com:smtps --To test this tunnel, use:
- --- --$ telnet localhost 11125 --This should produce the greeting from the remote SMTP server -at mail.example.com.
- -On the Postfix side, the relayhost feature sends all remote -mail through the local stunnel listener on port 11125:
- --- --/etc/postfix/main.cf: - relayhost = [127.0.0.1]:11125 --Use "postfix reload" to make the change effective.
- -See SOHO_README for additional information about SASL -authentication.
- -Postfix < 3.0: Sending only mail for a specific destination via SMTPS
- -The second example will use SMTPS to send only mail for -"example.com" via SMTPS. It uses the same stunnel configuration -file as the first example, so it won't be repeated here.
- -This time, the Postfix side uses a transport map to direct only -mail for "example.com" through the tunnel:
- --- --/etc/postfix/main.cf: - transport_maps = hash:/etc/postfix/transport - -/etc/postfix/transport: - example.com relay:[127.0.0.1]:11125 --Use "postmap hash:/etc/postfix/transport" and "postfix reload" -to make the change effective.
- -See SOHO_README for additional information about SASL authentication. -
+Please see TLS_LEGACY_README.
Miscellaneous client controls
@@ -2710,7 +2638,7 @@ tries the next network address on the mail exchanger list, and defers delivery if no alternative server is available.Example:
- ++/etc/postfix/main.cf: @@ -2727,7 +2655,7 @@ are disabled in the default value of the parameter when linked with an OpenSSL library that could be vulnerable.Example:
- +/etc/postfix/main.cf: diff --git a/postfix/html/lmtp.8.html b/postfix/html/lmtp.8.html index 5c5b16847..f5a3945b6 100644 --- a/postfix/html/lmtp.8.html +++ b/postfix/html/lmtp.8.html @@ -691,19 +691,20 @@ SMTP(8) SMTP(8) smtp_tls_wrappermode (no) Request that the Postfix SMTP client connects using the SUBMIS- - SIONS/SMTPS protocol instead of using the STARTTLS command. + SIONS (formerly called SMTPS) protocol instead of using the + STARTTLS command. Available in Postfix version 3.1 and later: - smtp_tls_dane_insecure_mx_policy (see 'postconf -d' output) - The TLS policy for MX hosts with "secure" TLSA records when the - nexthop destination security level is dane, but the MX record + smtp_tls_dane_insecure_mx_policy (dane) + The TLS policy for MX hosts with "secure" TLSA records when the + nexthop destination security level is dane, but the MX record was found via an "insecure" MX lookup. Available in Postfix version 3.2 and later: tls_eecdh_auto_curves (see 'postconf -d' output) - The prioritized list of elliptic curves, that should be enabled + The prioritized list of elliptic curves, that should be enabled in the Postfix SMTP client and server. Available in Postfix version 3.4 and later: 
@@ -712,23 +713,23 @@ SMTP(8) SMTP(8) Try to make multiple deliveries per TLS-encrypted connection. smtp_tls_chain_files (empty) - List of one or more PEM files, each holding one or more private + List of one or more PEM files, each holding one or more private keys directly followed by a corresponding certificate chain. smtp_tls_servername (empty) - Optional name to send to the remote SMTP server in the TLS + Optional name to send to the remote SMTP server in the TLS Server Name Indication (SNI) extension. Available in Postfix 3.5, 3.4.6, 3.3.5, 3.2.10, 3.1.13 and later: tls_fast_shutdown_enable (yes) - A workaround for implementations that hang Postfix while shut- + A workaround for implementations that hang Postfix while shut- ting down a TLS session, until Postfix times out. Available in Postfix version 3.8 and later: tls_ffdhe_auto_groups (see 'postconf -d' output) - The prioritized list of finite-field Diffie-Hellman ephemeral + The prioritized list of finite-field Diffie-Hellman ephemeral (FFDHE) key exchange groups supported by the Postfix SMTP client and server. @@ -738,13 +739,13 @@ SMTP(8) SMTP(8) Optional configuration file with baseline OpenSSL settings. tls_config_name (empty) - The application name passed by Postfix to OpenSSL library ini- + The application name passed by Postfix to OpenSSL library ini- tialization functions. Available in Postfix version 3.9 and later: smtp_tls_enable_rpk (no) - Request that remote SMTP servers send an RFC7250 raw public key + Request that remote SMTP servers send an RFC7250 raw public key instead of an X.509 certificate. Available in Postfix version 3.10 and later: @@ -758,7 +759,7 @@ SMTP(8) SMTP(8) smtp_tlsrpt_skip_reused_handshakes (yes) Do not report the TLSRPT status for TLS protocol handshakes that - reuse a previously-negotiated TLS session (there is no new + reuse a previously-negotiated TLS session (there is no new information to report). tls_required_enable (yes) 
@@ -766,40 +767,40 @@ SMTP(8) SMTP(8) defined in RFC 8689. OBSOLETE STARTTLS CONTROLS - The following configuration parameters exist for compatibility with - Postfix versions before 2.3. Support for these will be removed in a + The following configuration parameters exist for compatibility with + Postfix versions before 2.3. Support for these will be removed in a future release. smtp_use_tls (no) - Opportunistic mode: use TLS when a remote SMTP server announces + Opportunistic mode: use TLS when a remote SMTP server announces STARTTLS support, otherwise send the mail in the clear. smtp_enforce_tls (no) - Enforcement mode: require that remote SMTP servers use TLS + Enforcement mode: require that remote SMTP servers use TLS encryption, and never send mail in the clear. smtp_tls_enforce_peername (yes) - With mandatory TLS encryption, require that the remote SMTP - server hostname matches the information in the remote SMTP + With mandatory TLS encryption, require that the remote SMTP + server hostname matches the information in the remote SMTP server certificate. smtp_tls_per_site (empty) - Optional lookup tables with the Postfix SMTP client TLS usage - policy by next-hop destination and by remote SMTP server host- + Optional lookup tables with the Postfix SMTP client TLS usage + policy by next-hop destination and by remote SMTP server host- name. smtp_tls_cipherlist (empty) - Obsolete Postfix < 2.3 control for the Postfix SMTP client TLS + Obsolete Postfix < 2.3 control for the Postfix SMTP client TLS cipher list. RESOURCE AND RATE CONTROLS smtp_connect_timeout (30s) - The Postfix SMTP client time limit for completing a TCP connec- + The Postfix SMTP client time limit for completing a TCP connec- tion, or zero (use the operating system built-in time limit). 
smtp_helo_timeout (300s) - The Postfix SMTP client time limit for sending the HELO or EHLO - command, and for receiving the initial remote SMTP server + The Postfix SMTP client time limit for sending the HELO or EHLO + command, and for receiving the initial remote SMTP server response. lmtp_lhlo_timeout (300s) @@ -811,19 +812,19 @@ SMTP(8) SMTP(8) mand, and for receiving the remote SMTP server response. smtp_mail_timeout (300s) - The Postfix SMTP client time limit for sending the MAIL FROM + The Postfix SMTP client time limit for sending the MAIL FROM command, and for receiving the remote SMTP server response. smtp_rcpt_timeout (300s) - The Postfix SMTP client time limit for sending the SMTP RCPT TO + The Postfix SMTP client time limit for sending the SMTP RCPT TO command, and for receiving the remote SMTP server response. smtp_data_init_timeout (120s) - The Postfix SMTP client time limit for sending the SMTP DATA + The Postfix SMTP client time limit for sending the SMTP DATA command, and for receiving the remote SMTP server response. smtp_data_xfer_timeout (180s) - The Postfix SMTP client time limit for sending the SMTP message + The Postfix SMTP client time limit for sending the SMTP message content. smtp_data_done_timeout (600s) @@ -837,13 +838,13 @@ SMTP(8) SMTP(8) Available in Postfix version 2.1 and later: smtp_mx_address_limit (5) - The maximal number of MX (mail exchanger) IP addresses that can - result from Postfix SMTP client mail exchanger lookups, or zero + The maximal number of MX (mail exchanger) IP addresses that can + result from Postfix SMTP client mail exchanger lookups, or zero (no limit). smtp_mx_session_limit (2) - The maximal number of SMTP sessions per delivery request before - the Postfix SMTP client gives up or delivers to a fall-back + The maximal number of SMTP sessions per delivery request before + the Postfix SMTP client gives up or delivers to a fall-back relay host, or zero (no limit). smtp_rset_timeout (20s) 
@@ -853,17 +854,17 @@ SMTP(8) SMTP(8) Available in Postfix version 2.2 and earlier: lmtp_cache_connection (yes) - Keep Postfix LMTP client connections open for up to $max_idle + Keep Postfix LMTP client connections open for up to $max_idle seconds. Available in Postfix version 2.2 and later: smtp_connection_cache_destinations (empty) - Permanently enable SMTP connection caching for the specified + Permanently enable SMTP connection caching for the specified destinations. smtp_connection_cache_on_demand (yes) - Temporarily enable SMTP connection caching while a destination + Temporarily enable SMTP connection caching while a destination has a high volume of mail in the active queue. smtp_connection_reuse_time_limit (300s) @@ -877,23 +878,23 @@ SMTP(8) SMTP(8) Available in Postfix version 2.3 and later: connection_cache_protocol_timeout (5s) - Time limit for connection cache connect, send or receive opera- + Time limit for connection cache connect, send or receive opera- tions. Available in Postfix version 2.9 - 3.6: smtp_per_record_deadline (no) - Change the behavior of the smtp_*_timeout time limits, from a - time limit per read or write system call, to a time limit to - send or receive a complete record (an SMTP command line, SMTP - response line, SMTP message content line, or TLS protocol mes- + Change the behavior of the smtp_*_timeout time limits, from a + time limit per read or write system call, to a time limit to + send or receive a complete record (an SMTP command line, SMTP + response line, SMTP message content line, or TLS protocol mes- sage). Available in Postfix version 2.11 and later: smtp_connection_reuse_count_limit (0) - When SMTP connection caching is enabled, the number of times - that an SMTP session may be reused before it is closed, or zero + When SMTP connection caching is enabled, the number of times + that an SMTP session may be reused before it is closed, or zero (no limit). Available in Postfix version 3.4 and later: 
@@ -904,13 +905,13 @@ SMTP(8) SMTP(8) Available in Postfix version 3.7 and later: smtp_per_request_deadline (no) - Change the behavior of the smtp_*_timeout time limits, from a - time limit per plaintext or TLS read or write call, to a com- - bined time limit for sending a complete SMTP request and for + Change the behavior of the smtp_*_timeout time limits, from a + time limit per plaintext or TLS read or write call, to a com- + bined time limit for sending a complete SMTP request and for receiving a complete SMTP response. smtp_min_data_rate (500) - The minimum plaintext data transfer rate in bytes/second for + The minimum plaintext data transfer rate in bytes/second for DATA requests, when deadlines are enabled with smtp_per_request_deadline. 
@@ -918,54 +919,54 @@ SMTP(8) SMTP(8) transport_destination_concurrency_limit ($default_destination_concur- rency_limit) - A transport-specific override for the default_destination_con- + A transport-specific override for the default_destination_con- currency_limit parameter value, where transport is the master.cf name of the message delivery transport. transport_destination_recipient_limit ($default_destination_recipi- ent_limit) A transport-specific override for the default_destination_recip- - ient_limit parameter value, where transport is the master.cf + ient_limit parameter value, where transport is the master.cf name of the message delivery transport. SMTPUTF8 CONTROLS Preliminary SMTPUTF8 support is introduced with Postfix 3.0. smtputf8_enable (yes) - Enable preliminary SMTPUTF8 support for the protocols described + Enable preliminary SMTPUTF8 support for the protocols described in RFC 6531, RFC 6532, and RFC 6533. smtputf8_autodetect_classes (sendmail, verify) - Detect that a message requires SMTPUTF8 support for the speci- + Detect that a message requires SMTPUTF8 support for the speci- fied mail origin classes. Available in Postfix version 3.2 and later: enable_idna2003_compatibility (no) - Enable 'transitional' compatibility between IDNA2003 and - IDNA2008, when converting UTF-8 domain names to/from the ASCII + Enable 'transitional' compatibility between IDNA2003 and + IDNA2008, when converting UTF-8 domain names to/from the ASCII form that is used for DNS lookups. TROUBLE SHOOTING CONTROLS debug_peer_level (2) - The increment in verbose logging level when a nexthop destina- - tion, remote client or server name or network address matches a + The increment in verbose logging level when a nexthop destina- + tion, remote client or server name or network address matches a pattern given with the debug_peer_list parameter. 
debug_peer_list (empty) - Optional list of nexthop destination, remote client or server - name or network address patterns that, if matched, cause the - verbose logging level to increase by the amount specified in + Optional list of nexthop destination, remote client or server + name or network address patterns that, if matched, cause the + verbose logging level to increase by the amount specified in $debug_peer_level. error_notice_recipient (postmaster) - The recipient of postmaster notifications about mail delivery + The recipient of postmaster notifications about mail delivery problems that are caused by policy, resource, software or proto- col errors. internal_mail_filter_classes (empty) - What categories of Postfix-generated mail are subject to - before-queue content inspection by non_smtpd_milters, + What categories of Postfix-generated mail are subject to + before-queue content inspection by non_smtpd_milters, header_checks and body_checks. notify_classes (resource, software) 
@@ -973,46 +974,46 @@ SMTP(8) SMTP(8) MISCELLANEOUS CONTROLS best_mx_transport (empty) - Where the Postfix SMTP client should deliver mail when it + Where the Postfix SMTP client should deliver mail when it detects a "mail loops back to myself" error condition. config_directory (see 'postconf -d' output) - The default location of the Postfix main.cf and master.cf con- + The default location of the Postfix main.cf and master.cf con- figuration files. daemon_timeout (18000s) - How much time a Postfix daemon process may take to handle a + How much time a Postfix daemon process may take to handle a request before it is terminated by a built-in watchdog timer. delay_logging_resolution_limit (2) - The maximal number of digits after the decimal point when log- + The maximal number of digits after the decimal point when log- ging delay values. disable_dns_lookups (no) Disable DNS lookups in the Postfix SMTP and LMTP clients. inet_interfaces (all) - The local network interface addresses that this mail system + The local network interface addresses that this mail system receives mail on. inet_protocols (see 'postconf -d' output) - The Internet protocols Postfix will attempt to use when making + The Internet protocols Postfix will attempt to use when making or accepting connections. ipc_timeout (3600s) - The time limit for sending or receiving information over an + The time limit for sending or receiving information over an internal communication channel. lmtp_assume_final (no) - When a remote LMTP server announces no DSN support, assume that - the server performs final delivery, and send "delivered" deliv- + When a remote LMTP server announces no DSN support, assume that + the server performs final delivery, and send "delivered" deliv- ery status notifications instead of "relayed". lmtp_tcp_port (24) The default TCP port that the Postfix LMTP client connects to. 
max_idle (100s) - The maximum amount of time that an idle Postfix daemon process + The maximum amount of time that an idle Postfix daemon process waits for an incoming connection before terminating voluntarily. max_use (100) @@ -1026,21 +1027,21 @@ SMTP(8) SMTP(8) The process name of a Postfix command or daemon process. proxy_interfaces (empty) - The remote network interface addresses that this mail system - receives mail on by way of a proxy or network address transla- + The remote network interface addresses that this mail system + receives mail on by way of a proxy or network address transla- tion unit. smtp_address_preference (any) The address type ("ipv6", "ipv4" or "any") that the Postfix SMTP - client will try first, when a destination has IPv6 and IPv4 + client will try first, when a destination has IPv6 and IPv4 addresses with equal MX preference. smtp_bind_address (empty) - An optional numerical network address that the Postfix SMTP + An optional numerical network address that the Postfix SMTP client should bind to when making an IPv4 connection. smtp_bind_address6 (empty) - An optional numerical network address that the Postfix SMTP + An optional numerical network address that the Postfix SMTP client should bind to when making an IPv6 connection. smtp_helo_name ($myhostname) @@ -1060,7 +1061,7 @@ SMTP(8) SMTP(8) The syslog facility of Postfix logging. syslog_name (see 'postconf -d' output) - A prefix that is prepended to the process name in syslog + A prefix that is prepended to the process name in syslog records, so that, for example, "smtpd" becomes "prefix/smtpd". Available with Postfix 2.2 and earlier: 
@@ -1072,14 +1073,14 @@ SMTP(8) SMTP(8) Available with Postfix 2.3 and later: smtp_fallback_relay ($fallback_relay) - Optional list of relay destinations that will be used when an - SMTP destination is not found, or when delivery fails due to a + Optional list of relay destinations that will be used when an + SMTP destination is not found, or when delivery fails due to a non-permanent error. Available with Postfix 3.0 and later: smtp_address_verify_target (rcpt) - In the context of email address verification, the SMTP protocol + In the context of email address verification, the SMTP protocol stage that determines whether an email address is deliverable. Available with Postfix 3.1 and later: @@ -1101,7 +1102,7 @@ SMTP(8) SMTP(8) Available in Postfix 3.7 and later: smtp_bind_address_enforce (no) - Defer delivery when the Postfix SMTP client cannot apply the + Defer delivery when the Postfix SMTP client cannot apply the smtp_bind_address or smtp_bind_address6 setting. SEE ALSO diff --git a/postfix/html/postconf.5.html b/postfix/html/postconf.5.html index 91e4ca42d..561550377 100644 --- a/postfix/html/postconf.5.html +++ b/postfix/html/postconf.5.html @@ -11010,11 +11010,11 @@ use the same program name.Example master.cf entries:
-# Distinguish inbound MTA logging from submission and smtps logging. +# Distinguish inbound MTA logging from submission and submissions logging. smtp inet n - n - - smtpd submission inet n - n - - smtpd -o syslog_name=postfix/$service_name -smtps inet n - n - - smtpd +submissions inet n - n - - smtpd -o syslog_name=postfix/$service_name@@ -13274,7 +13274,7 @@ TLS connection reuse" for background details.smtp_tls_dane_insecure_mx_policy -(default: see "postconf -d" output) +(default: dane) @@ -18100,8 +18101,8 @@ using any MAIL FROM address that is listed in $https://github.com/magcks/milterfrom. +for the submission or submissions (formerly called smtps) services. +For example: https://github.com/magcks/milterfrom.- The TLS policy for MX hosts with "secure" TLSA records when the nexthop destination security level is dane, but the MX @@ -13298,10 +13298,9 @@ authentication succeeds, it will be logged only as "Trusted", not "Verified", because the MX host name could have been forged.
The default setting for Postfix ≥ 3.6 is "dane" with -"smtp_tls_security_level = dane", otherwise "may". This behavior -was backported to Postfix versions 3.5.9, 3.4.19, 3.3.16. 3.2.21. -With earlier Postfix versions the default setting was always "dane". +
The default setting is "dane" as of Postfix versions 3.6.17, +3.7.13, 3.8.8, 3.9.2, and 3.10.0. With earlier versions the default +was mistakenly dependent on the smtp_tls_security_level setting.
Though with "insecure" MX records an active attacker can @@ -14823,21 +14822,22 @@ example.com verify match=hostname:nexthop (default: no)
@@ -18054,8 +18055,8 @@ unlisted MAIL FROM address. Request that the Postfix SMTP client connects using the -SUBMISSIONS/SMTPS protocol instead of using the STARTTLS command.
+SUBMISSIONS (formerly called SMTPS) protocol instead of using the +STARTTLS command.This mode requires "smtp_tls_security_level = encrypt" or stronger.
-Example: deliver all remote mail via a provider's server -"mail.example.com".
+Example: deliver all remote mail via a provider's submissions +service at "mail.example.com".
/etc/postfix/main.cf: - # Client-side SMTPS requires "encrypt" or stronger. + # Client-side SUBMISSIONS requires "encrypt" or stronger. smtp_tls_security_level = encrypt smtp_tls_wrappermode = yes # The [] suppress MX lookups. - relayhost = [mail.example.com]:465 + relayhost = [mail.example.com]:submissionsMore examples are in TLS_README, including examples for older @@ -17925,7 +17925,8 @@ envelope sender
@@ -18033,8 +18034,8 @@ that they do not explicitly own.Note: to enforce that the From: header address matches the envelope sender (MAIL FROM) address, use an external -filter such as a Milter, for the submission, submissions, or smtps +filter such as a Milter, for the submission or submissions (formerly +called smtps ) services. For example: https://github.com/magcks/milterfrom.
Note: to enforce that the From: header address matches the envelope sender (MAIL FROM) address, use an external filter such as a Milter, -for the submission, submissions, or smtps services. For example: -https://github.com/magcks/milterfrom. +for the submission or submissions (formerly called smtps) services. +For example: https://github.com/magcks/milterfrom.
This feature is available in Postfix version 2.1 and later.
Note: to enforce that the From: header address matches the envelope sender (MAIL FROM) address, use an external filter such as a Milter, -for the submission, submissions, or smtps services. For example: -https://github.com/magcks/milterfrom. +for the submission or submissions (formerly called smtps) services. +For example: https://github.com/magcks/milterfrom.
This feature is available in Postfix version 2.11 and later.
This feature is available in Postfix version 2.1 and later. @@ -18872,6 +18873,8 @@ this parameter is always ignored, and Postfix behaves as though the auto value (described below) was chosen. +This feature is not used as of Postfix 3.6. Do not specify.
+The available choices are:
@@ -19526,8 +19529,8 @@ instead of using the STARTTLS command.
If you want to support this service, enable a special port in master.cf, and specify "-o smtpd_tls_wrappermode=yes" on the SMTP -server's command line. Port 465 (submissions/smtps) is reserved for -this purpose.
+server's command line. Port 465 (submissions, formerly called smtps) +is reserved for this purpose.This feature is available in Postfix 2.2 and later.
@@ -20083,6 +20086,47 @@ MinProtocol = TLSv1Example: Custom OpenSSL group settings.
+ ++main.cf: + tls_config_file = ${config_directory}/openssl.cnf + tls_config_name = postfix ++ ++openssl.cnf: + postfix = postfix_settings ++ ++ [postfix_settings] + ssl_conf = postfix_ssl_settings ++ ++ [postfix_ssl_settings] + system_default = baseline_postfix_settings ++ ++ [baseline_postfix_settings] + # New OpenSSL 3.5 syntax, for older releases consider + # the Postfix default: + # + # Groups = X25519:X448:prime256v1:secp384r1:secp521r1:ffdhe2048:ffdhe3072 + # + Groups = *X25519MLKEM768 / *X25519:X448 / P-256:P-384 ++ +Caution: It is typically best to just use the default group +settings, for which no $tls_config_file is required (you can set +"tls_config_file = none", to avoid unwanted leakage of system-wide +settings that strive to harden HTTPS against mostly browser-specific +security and privacy issues into Postfix use of opportunistic TLS, +where they're they can be counterproductive, leading to downgrades +to cleartext, rather than more "secure" TLS).
+This feature is available in Postfix ≥ 3.9, 3.8.1, 3.7.6, 3.6.10, and 3.5.20.
@@ -20274,8 +20318,7 @@ be using 0.9.6! (default: see "postconf -d" output)The prioritized list of elliptic curves, that should be enabled in the -Postfix SMTP client and server. These are used by the Postfix SMTP server when -"smtpd_tls_eecdh_grade = auto". The selected curves should be implemented +Postfix SMTP client and server. The selected curves should be implemented by OpenSSL and be standardized for use in the TLS "supported groups" extension (RFC8422, RFC8446 and RFC8447). Be sure to include at least "x25519" and "prime256v1" (the OpenSSL name for "secp256r1", a.k.a. "P-256"). The default @@ -20300,6 +20343,14 @@ customizing the list of FFDHE groups enabled with TLS 1.3. That setting is introduced with Postfix 3.8, when built against OpenSSL 3.0 or later.
+Post-quantum cryptography support: OpenSSL 3.5 introduces new +configuration syntax that Postfix will not attempt to imitate. +Instead, with Postfix 3.6.17, 3.7.13, 3.8.8, 3.9.2, and later, set +both tls_eecdh_auto_curves and if available tls_ffdhe_auto_groups +to the empty value, to enable algorithm selection through OpenSSL +configuration. See tls_config_file for a configuration example. +
+This feature is available in Postfix 3.2 and later, when it is compiled and linked with OpenSSL 1.0.2 or later on platforms where EC algorithms have not been disabled by the vendor.
@@ -20323,6 +20374,8 @@ must support this curve for EECDH key exchange to take place. It is unwise to choose only "bleeding-edge" curves supported by only a small subset of clients. +This feature is not used as of Postfix 3.6. Do not specify.
+The default "strong" curve is rated in NSA Suite B for information classified up to SECRET.
@@ -20367,6 +20420,8 @@ client implementations must support this curve for EECDH key exchange to take place. It is unwise to choose only "bleeding-edge" curves supported by only a small subset of clients. +This feature is not used as of Postfix 3.6. Do not specify.
+This default "ultra" curve is rated in NSA Suite B for information classified up to TOP SECRET.
@@ -20443,10 +20498,15 @@ on whether any of the "kDHE" ciphers are included in the cipherlist.Conversely, setting "tls_eecdh_auto_curves" empty disables TLS 1.3 -EC key agreement in OpenSSL 3.0 and later. Note that at least one of -"tls_eecdh_auto_curves" and "tls_ffdhe_auto_groups" must be non-empty, -this is required by OpenSSL 3.0. If both are inadvertently set empty, -Postfix will fall back to the compiled-in defaults.
+EC key agreement in OpenSSL 3.0 and later. If both are set empty, +Postfix will fall back to OpenSSL preferences as described next. + +Post-quantum cryptography support: OpenSSL 3.5 introduces new +configuration syntax that Postfix will not attempt to imitate. +Instead, with Postfix 3.6.17, 3.7.13, 3.8.8, 3.9.2, and later, set +both tls_eecdh_auto_curves and tls_ffdhe_auto_groups to the empty +value, to enable algorithm selection through OpenSSL configuration. +See tls_config_file for a configuration example.
All the default groups and EC curves should be sufficiently strong to make "pruning" the defaults unwise. At a minimum, "x25519" and "prime256v1" (the @@ -21401,7 +21461,7 @@ the "tlsproxy_tls_chain_files elliptic-curve Diffie-Hellman (EECDH) key exchange. See smtpd_tls_eecdh_grade for further details.
-This feature is deprecated as of Postfix 3.9. Do not specify.
+This feature is not used as of Postfix 3.6. Do not specify.
This feature is available in Postfix 2.8 and later.
@@ -22352,8 +22412,8 @@ process.Specify zero or more service names separated by comma and/or whitespace. Any name in the services(5) database may be specified,
-though in practice only submission, submissions, and smtp make
-sense.
+though in practice only submission or submissions (formerly called
+smtp) make sense.
When SRV record lookup is enabled with use_srv_lookup, you can enclose a domain name in "[]" to force IP address lookup instead
diff --git a/postfix/html/smtp.8.html b/postfix/html/smtp.8.html
index 5c5b16847..f5a3945b6 100644
--- a/postfix/html/smtp.8.html
+++ b/postfix/html/smtp.8.html
@@ -691,19 +691,20 @@ SMTP(8) SMTP(8) smtp_tls_wrappermode (no) Request that the Postfix SMTP client connects using the SUBMIS- - SIONS/SMTPS protocol instead of using the STARTTLS command. + SIONS (formerly called SMTPS) protocol instead of using the + STARTTLS command. Available in Postfix version 3.1 and later: - smtp_tls_dane_insecure_mx_policy (see 'postconf -d' output) - The TLS policy for MX hosts with "secure" TLSA records when the - nexthop destination security level is dane, but the MX record + smtp_tls_dane_insecure_mx_policy (dane) + The TLS policy for MX hosts with "secure" TLSA records when the + nexthop destination security level is dane, but the MX record was found via an "insecure" MX lookup. Available in Postfix version 3.2 and later: tls_eecdh_auto_curves (see 'postconf -d' output) - The prioritized list of elliptic curves, that should be enabled + The prioritized list of elliptic curves, that should be enabled in the Postfix SMTP client and server. Available in Postfix version 3.4 and later:
@@ -712,23 +713,23 @@ SMTP(8) SMTP(8) Try to make multiple deliveries per TLS-encrypted connection. smtp_tls_chain_files (empty) - List of one or more PEM files, each holding one or more private + List of one or more PEM files, each holding one or more private keys directly followed by a corresponding certificate chain. smtp_tls_servername (empty) - Optional name to send to the remote SMTP server in the TLS + Optional name to send to the remote SMTP server in the TLS Server Name Indication (SNI) extension. Available in Postfix 3.5, 3.4.6, 3.3.5, 3.2.10, 3.1.13 and later: tls_fast_shutdown_enable (yes) - A workaround for implementations that hang Postfix while shut- + A workaround for implementations that hang Postfix while shut- ting down a TLS session, until Postfix times out. Available in Postfix version 3.8 and later: tls_ffdhe_auto_groups (see 'postconf -d' output) - The prioritized list of finite-field Diffie-Hellman ephemeral + The prioritized list of finite-field Diffie-Hellman ephemeral (FFDHE) key exchange groups supported by the Postfix SMTP client and server. @@ -738,13 +739,13 @@ SMTP(8) SMTP(8) Optional configuration file with baseline OpenSSL settings. tls_config_name (empty) - The application name passed by Postfix to OpenSSL library ini- + The application name passed by Postfix to OpenSSL library ini- tialization functions. Available in Postfix version 3.9 and later: smtp_tls_enable_rpk (no) - Request that remote SMTP servers send an RFC7250 raw public key + Request that remote SMTP servers send an RFC7250 raw public key instead of an X.509 certificate. Available in Postfix version 3.10 and later: @@ -758,7 +759,7 @@ SMTP(8) SMTP(8) smtp_tlsrpt_skip_reused_handshakes (yes) Do not report the TLSRPT status for TLS protocol handshakes that - reuse a previously-negotiated TLS session (there is no new + reuse a previously-negotiated TLS session (there is no new information to report). tls_required_enable (yes) 
@@ -766,40 +767,40 @@ SMTP(8) SMTP(8) defined in RFC 8689. OBSOLETE STARTTLS CONTROLS - The following configuration parameters exist for compatibility with - Postfix versions before 2.3. Support for these will be removed in a + The following configuration parameters exist for compatibility with + Postfix versions before 2.3. Support for these will be removed in a future release. smtp_use_tls (no) - Opportunistic mode: use TLS when a remote SMTP server announces + Opportunistic mode: use TLS when a remote SMTP server announces STARTTLS support, otherwise send the mail in the clear. smtp_enforce_tls (no) - Enforcement mode: require that remote SMTP servers use TLS + Enforcement mode: require that remote SMTP servers use TLS encryption, and never send mail in the clear. smtp_tls_enforce_peername (yes) - With mandatory TLS encryption, require that the remote SMTP - server hostname matches the information in the remote SMTP + With mandatory TLS encryption, require that the remote SMTP + server hostname matches the information in the remote SMTP server certificate. smtp_tls_per_site (empty) - Optional lookup tables with the Postfix SMTP client TLS usage - policy by next-hop destination and by remote SMTP server host- + Optional lookup tables with the Postfix SMTP client TLS usage + policy by next-hop destination and by remote SMTP server host- name. smtp_tls_cipherlist (empty) - Obsolete Postfix < 2.3 control for the Postfix SMTP client TLS + Obsolete Postfix < 2.3 control for the Postfix SMTP client TLS cipher list. RESOURCE AND RATE CONTROLS smtp_connect_timeout (30s) - The Postfix SMTP client time limit for completing a TCP connec- + The Postfix SMTP client time limit for completing a TCP connec- tion, or zero (use the operating system built-in time limit). 
smtp_helo_timeout (300s) - The Postfix SMTP client time limit for sending the HELO or EHLO - command, and for receiving the initial remote SMTP server + The Postfix SMTP client time limit for sending the HELO or EHLO + command, and for receiving the initial remote SMTP server response. lmtp_lhlo_timeout (300s) @@ -811,19 +812,19 @@ SMTP(8) SMTP(8) mand, and for receiving the remote SMTP server response. smtp_mail_timeout (300s) - The Postfix SMTP client time limit for sending the MAIL FROM + The Postfix SMTP client time limit for sending the MAIL FROM command, and for receiving the remote SMTP server response. smtp_rcpt_timeout (300s) - The Postfix SMTP client time limit for sending the SMTP RCPT TO + The Postfix SMTP client time limit for sending the SMTP RCPT TO command, and for receiving the remote SMTP server response. smtp_data_init_timeout (120s) - The Postfix SMTP client time limit for sending the SMTP DATA + The Postfix SMTP client time limit for sending the SMTP DATA command, and for receiving the remote SMTP server response. smtp_data_xfer_timeout (180s) - The Postfix SMTP client time limit for sending the SMTP message + The Postfix SMTP client time limit for sending the SMTP message content. smtp_data_done_timeout (600s) @@ -837,13 +838,13 @@ SMTP(8) SMTP(8) Available in Postfix version 2.1 and later: smtp_mx_address_limit (5) - The maximal number of MX (mail exchanger) IP addresses that can - result from Postfix SMTP client mail exchanger lookups, or zero + The maximal number of MX (mail exchanger) IP addresses that can + result from Postfix SMTP client mail exchanger lookups, or zero (no limit). smtp_mx_session_limit (2) - The maximal number of SMTP sessions per delivery request before - the Postfix SMTP client gives up or delivers to a fall-back + The maximal number of SMTP sessions per delivery request before + the Postfix SMTP client gives up or delivers to a fall-back relay host, or zero (no limit). smtp_rset_timeout (20s) 
@@ -853,17 +854,17 @@ SMTP(8) SMTP(8) Available in Postfix version 2.2 and earlier: lmtp_cache_connection (yes) - Keep Postfix LMTP client connections open for up to $max_idle + Keep Postfix LMTP client connections open for up to $max_idle seconds. Available in Postfix version 2.2 and later: smtp_connection_cache_destinations (empty) - Permanently enable SMTP connection caching for the specified + Permanently enable SMTP connection caching for the specified destinations. smtp_connection_cache_on_demand (yes) - Temporarily enable SMTP connection caching while a destination + Temporarily enable SMTP connection caching while a destination has a high volume of mail in the active queue. smtp_connection_reuse_time_limit (300s) @@ -877,23 +878,23 @@ SMTP(8) SMTP(8) Available in Postfix version 2.3 and later: connection_cache_protocol_timeout (5s) - Time limit for connection cache connect, send or receive opera- + Time limit for connection cache connect, send or receive opera- tions. Available in Postfix version 2.9 - 3.6: smtp_per_record_deadline (no) - Change the behavior of the smtp_*_timeout time limits, from a - time limit per read or write system call, to a time limit to - send or receive a complete record (an SMTP command line, SMTP - response line, SMTP message content line, or TLS protocol mes- + Change the behavior of the smtp_*_timeout time limits, from a + time limit per read or write system call, to a time limit to + send or receive a complete record (an SMTP command line, SMTP + response line, SMTP message content line, or TLS protocol mes- sage). Available in Postfix version 2.11 and later: smtp_connection_reuse_count_limit (0) - When SMTP connection caching is enabled, the number of times - that an SMTP session may be reused before it is closed, or zero + When SMTP connection caching is enabled, the number of times + that an SMTP session may be reused before it is closed, or zero (no limit). Available in Postfix version 3.4 and later: 
@@ -904,13 +905,13 @@ SMTP(8) SMTP(8) Available in Postfix version 3.7 and later: smtp_per_request_deadline (no) - Change the behavior of the smtp_*_timeout time limits, from a - time limit per plaintext or TLS read or write call, to a com- - bined time limit for sending a complete SMTP request and for + Change the behavior of the smtp_*_timeout time limits, from a + time limit per plaintext or TLS read or write call, to a com- + bined time limit for sending a complete SMTP request and for receiving a complete SMTP response. smtp_min_data_rate (500) - The minimum plaintext data transfer rate in bytes/second for + The minimum plaintext data transfer rate in bytes/second for DATA requests, when deadlines are enabled with smtp_per_request_deadline. 
@@ -918,54 +919,54 @@ SMTP(8) SMTP(8) transport_destination_concurrency_limit ($default_destination_concur- rency_limit) - A transport-specific override for the default_destination_con- + A transport-specific override for the default_destination_con- currency_limit parameter value, where transport is the master.cf name of the message delivery transport. transport_destination_recipient_limit ($default_destination_recipi- ent_limit) A transport-specific override for the default_destination_recip- - ient_limit parameter value, where transport is the master.cf + ient_limit parameter value, where transport is the master.cf name of the message delivery transport. SMTPUTF8 CONTROLS Preliminary SMTPUTF8 support is introduced with Postfix 3.0. smtputf8_enable (yes) - Enable preliminary SMTPUTF8 support for the protocols described + Enable preliminary SMTPUTF8 support for the protocols described in RFC 6531, RFC 6532, and RFC 6533. smtputf8_autodetect_classes (sendmail, verify) - Detect that a message requires SMTPUTF8 support for the speci- + Detect that a message requires SMTPUTF8 support for the speci- fied mail origin classes. Available in Postfix version 3.2 and later: enable_idna2003_compatibility (no) - Enable 'transitional' compatibility between IDNA2003 and - IDNA2008, when converting UTF-8 domain names to/from the ASCII + Enable 'transitional' compatibility between IDNA2003 and + IDNA2008, when converting UTF-8 domain names to/from the ASCII form that is used for DNS lookups. TROUBLE SHOOTING CONTROLS debug_peer_level (2) - The increment in verbose logging level when a nexthop destina- - tion, remote client or server name or network address matches a + The increment in verbose logging level when a nexthop destina- + tion, remote client or server name or network address matches a pattern given with the debug_peer_list parameter. 
debug_peer_list (empty) - Optional list of nexthop destination, remote client or server - name or network address patterns that, if matched, cause the - verbose logging level to increase by the amount specified in + Optional list of nexthop destination, remote client or server + name or network address patterns that, if matched, cause the + verbose logging level to increase by the amount specified in $debug_peer_level. error_notice_recipient (postmaster) - The recipient of postmaster notifications about mail delivery + The recipient of postmaster notifications about mail delivery problems that are caused by policy, resource, software or proto- col errors. internal_mail_filter_classes (empty) - What categories of Postfix-generated mail are subject to - before-queue content inspection by non_smtpd_milters, + What categories of Postfix-generated mail are subject to + before-queue content inspection by non_smtpd_milters, header_checks and body_checks. notify_classes (resource, software) 
@@ -973,46 +974,46 @@ SMTP(8) SMTP(8) MISCELLANEOUS CONTROLS best_mx_transport (empty) - Where the Postfix SMTP client should deliver mail when it + Where the Postfix SMTP client should deliver mail when it detects a "mail loops back to myself" error condition. config_directory (see 'postconf -d' output) - The default location of the Postfix main.cf and master.cf con- + The default location of the Postfix main.cf and master.cf con- figuration files. daemon_timeout (18000s) - How much time a Postfix daemon process may take to handle a + How much time a Postfix daemon process may take to handle a request before it is terminated by a built-in watchdog timer. delay_logging_resolution_limit (2) - The maximal number of digits after the decimal point when log- + The maximal number of digits after the decimal point when log- ging delay values. disable_dns_lookups (no) Disable DNS lookups in the Postfix SMTP and LMTP clients. inet_interfaces (all) - The local network interface addresses that this mail system + The local network interface addresses that this mail system receives mail on. inet_protocols (see 'postconf -d' output) - The Internet protocols Postfix will attempt to use when making + The Internet protocols Postfix will attempt to use when making or accepting connections. ipc_timeout (3600s) - The time limit for sending or receiving information over an + The time limit for sending or receiving information over an internal communication channel. lmtp_assume_final (no) - When a remote LMTP server announces no DSN support, assume that - the server performs final delivery, and send "delivered" deliv- + When a remote LMTP server announces no DSN support, assume that + the server performs final delivery, and send "delivered" deliv- ery status notifications instead of "relayed". lmtp_tcp_port (24) The default TCP port that the Postfix LMTP client connects to. 
max_idle (100s) - The maximum amount of time that an idle Postfix daemon process + The maximum amount of time that an idle Postfix daemon process waits for an incoming connection before terminating voluntarily. max_use (100) @@ -1026,21 +1027,21 @@ SMTP(8) SMTP(8) The process name of a Postfix command or daemon process. proxy_interfaces (empty) - The remote network interface addresses that this mail system - receives mail on by way of a proxy or network address transla- + The remote network interface addresses that this mail system + receives mail on by way of a proxy or network address transla- tion unit. smtp_address_preference (any) The address type ("ipv6", "ipv4" or "any") that the Postfix SMTP - client will try first, when a destination has IPv6 and IPv4 + client will try first, when a destination has IPv6 and IPv4 addresses with equal MX preference. smtp_bind_address (empty) - An optional numerical network address that the Postfix SMTP + An optional numerical network address that the Postfix SMTP client should bind to when making an IPv4 connection. smtp_bind_address6 (empty) - An optional numerical network address that the Postfix SMTP + An optional numerical network address that the Postfix SMTP client should bind to when making an IPv6 connection. smtp_helo_name ($myhostname) @@ -1060,7 +1061,7 @@ SMTP(8) SMTP(8) The syslog facility of Postfix logging. syslog_name (see 'postconf -d' output) - A prefix that is prepended to the process name in syslog + A prefix that is prepended to the process name in syslog records, so that, for example, "smtpd" becomes "prefix/smtpd". Available with Postfix 2.2 and earlier: 
@@ -1072,14 +1073,14 @@ SMTP(8) SMTP(8) Available with Postfix 2.3 and later: smtp_fallback_relay ($fallback_relay) - Optional list of relay destinations that will be used when an - SMTP destination is not found, or when delivery fails due to a + Optional list of relay destinations that will be used when an + SMTP destination is not found, or when delivery fails due to a non-permanent error. Available with Postfix 3.0 and later: smtp_address_verify_target (rcpt) - In the context of email address verification, the SMTP protocol + In the context of email address verification, the SMTP protocol stage that determines whether an email address is deliverable. Available with Postfix 3.1 and later:
@@ -1101,7 +1102,7 @@ SMTP(8) SMTP(8) Available in Postfix 3.7 and later: smtp_bind_address_enforce (no) - Defer delivery when the Postfix SMTP client cannot apply the + Defer delivery when the Postfix SMTP client cannot apply the smtp_bind_address or smtp_bind_address6 setting. SEE ALSO
diff --git a/postfix/man/man5/postconf.5 b/postfix/man/man5/postconf.5
index c9d8793ba..19ca90131 100644
--- a/postfix/man/man5/postconf.5
+++ b/postfix/man/man5/postconf.5
@@ -6872,11 +6872,11 @@ Example master.cf entries:
 .PP
 .nf
 .na
-# Distinguish inbound MTA logging from submission and smtps logging.
+# Distinguish inbound MTA logging from submission and submissions logging.
 smtp inet n \- n \- \- smtpd
 submission inet n \- n \- \- smtpd
 \-o syslog_name=postfix/$service_name
-smtps inet n \- n \- \- smtpd
+submissions inet n \- n \- \- smtpd
 \-o syslog_name=postfix/$service_name
 .fi
 .ad
@@ -8477,7 +8477,7 @@ See "Client\-side TLS connection reuse" for background details.
 .PP
 This feature is available in Postfix 3.4 and later.
-.SH smtp_tls_dane_insecure_mx_policy (default: see "postconf \-d" output)
+.SH smtp_tls_dane_insecure_mx_policy (default: dane)
 The TLS policy for MX hosts with "secure" TLSA records when the nexthop destination security level is \fBdane\fR, but the MX record was found via an "insecure" MX lookup. The choices are:
@@ -8498,10 +8498,9 @@ authentication succeeds, it will be logged only as "Trusted", not "Verified", because the MX host name could have been forged.
 .br
 .br
-The default setting for Postfix >= 3.6 is "dane" with
-"smtp_tls_security_level = dane", otherwise "may". This behavior
-was backported to Postfix versions 3.5.9, 3.4.19, 3.3.16. 3.2.21.
-With earlier Postfix versions the default setting was always "dane".
+The default setting is "dane" as of Postfix versions 3.6.17,
+3.7.13, 3.8.8, 3.9.2, and 3.10.0. With earlier versions the default
+was mistakenly dependent on the smtp_tls_security_level setting.
 .PP
 Though with "insecure" MX records an active attacker can compromise SMTP transport security by returning forged MX records,
@@ -9883,22 +9882,23 @@ example.com verify match=hostname:nexthop
 This feature is available in Postfix 2.3 and later.
 .SH smtp_tls_wrappermode (default: no)
 Request that the Postfix SMTP client connects using the
-SUBMISSIONS/SMTPS protocol instead of using the STARTTLS command.
+SUBMISSIONS (formerly called SMTPS) protocol instead of using the
+STARTTLS command.
 .PP
 This mode requires "smtp_tls_security_level = encrypt" or stronger.
 .PP
-Example: deliver all remote mail via a provider's server
-"mail.example.com".
+Example: deliver all remote mail via a provider's submissions
+service at "mail.example.com".
 .PP
 .nf
 .na
 /etc/postfix/main.cf:
- # Client\-side SMTPS requires "encrypt" or stronger.
+ # Client\-side SUBMISSIONS requires "encrypt" or stronger.
 smtp_tls_security_level = encrypt
 smtp_tls_wrappermode = yes
 # The [] suppress MX lookups.
- relayhost = [mail.example.com]:465
+ relayhost = [mail.example.com]:submissions
 .fi
 .ad
 .PP
@@ -12171,7 +12171,8 @@ envelope sender
 .in +4
 Note: to enforce that the From: header address matches the envelope sender (MAIL FROM) address, use an external
-filter such as a Milter, for the submission, submissions, or smtps
+filter such as a Milter, for the submission or submissions (formerly
+called smtps )
 services. For example: https://github.com/magcks/milterfrom.
 .in -4
 .PP
@@ -12248,8 +12249,8 @@ that they do not explicitly own.
 .br
 Note: to enforce that the From: header address matches the envelope sender (MAIL FROM) address, use an external filter such as a Milter,
-for the submission, submissions, or smtps services. For example:
-https://github.com/magcks/milterfrom.
+for the submission or submissions (formerly called smtps) services.
+For example: https://github.com/magcks/milterfrom.
 .br
 This feature is available in Postfix version 2.1 and later.
 .br
@@ -12268,8 +12269,8 @@ unlisted MAIL FROM address.
 .br
 Note: to enforce that the
From: header address matches the envelope sender (MAIL FROM) address, use an external filter such as a Milter,
-for the submission, submissions, or smtps services. For example:
-https://github.com/magcks/milterfrom.
+for the submission or submissions (formerly called smtps) services.
+For example: https://github.com/magcks/milterfrom.
 .br
 This feature is available in Postfix version 2.11 and later.
 .br
@@ -12314,8 +12315,8 @@ using any MAIL FROM address that is listed in $smtpd_sender_login_maps.
 .br
 Note: to enforce that the From: header address matches the envelope sender (MAIL FROM) address, use an external filter such as a Milter,
-for the submission, submissions, or smtps services. For example:
-https://github.com/magcks/milterfrom.
+for the submission or submissions (formerly called smtps) services.
+For example: https://github.com/magcks/milterfrom.
 .br
 This feature is available in Postfix version 2.1 and later.
 .br
@@ -12973,6 +12974,8 @@ Diffie\-Hellman (EECDH) key exchange.
 As of Postfix 3.6, the value of this parameter is always ignored, and Postfix behaves as though the \fBauto\fR value (described below) was chosen.
 .PP
+This feature is not used as of Postfix 3.6. Do not specify.
+.PP
 The available choices are:
 .IP "\fBauto\fR"
 Use the most preferred curve that is
@@ -13566,8 +13569,8 @@ instead of using the STARTTLS command.
 .PP
 If you want to support this service, enable a special port in master.cf, and specify "\-o smtpd_tls_wrappermode=yes" on the SMTP
-server's command line. Port 465 (submissions/smtps) is reserved for
-this purpose.
+server's command line. Port 465 (submissions, formerly called smtps)
+is reserved for this purpose.
 .PP
 This feature is available in Postfix 2.2 and later.
 .SH smtpd_upstream_proxy_protocol (default: empty)
@@ -13942,6 +13945,57 @@ MinProtocol = TLSv1
 .ad
 .in -4
 .PP
+Example: Custom OpenSSL group settings.
+.PP
+.nf
+.na
+main.cf:
+ tls_config_file = ${config_directory}/openssl.cnf
+ tls_config_name = postfix
+.fi
+.ad
+.PP
+.nf
+.na
+openssl.cnf:
+ postfix = postfix_settings
+.fi
+.ad
+.PP
+.nf
+.na
+ [postfix_settings]
+ ssl_conf = postfix_ssl_settings
+.fi
+.ad
+.PP
+.nf
+.na
+ [postfix_ssl_settings]
+ system_default = baseline_postfix_settings
+.fi
+.ad
+.PP
+.nf
+.na
+ [baseline_postfix_settings]
+ # New OpenSSL 3.5 syntax, for older releases consider
+ # the Postfix default:
+ #
+ # Groups = X25519:X448:prime256v1:secp384r1:secp521r1:ffdhe2048:ffdhe3072
+ #
+ Groups = *X25519MLKEM768 / *X25519:X448 / P\-256:P\-384
+.fi
+.ad
+.PP
+Caution: It is typically best to just use the default group
+settings, for which no $tls_config_file is required (you can set
+"tls_config_file = none", to avoid unwanted leakage of system\-wide
+settings that strive to harden HTTPS against mostly browser\-specific
+security and privacy issues into Postfix use of opportunistic TLS,
+where they're they can be counterproductive, leading to downgrades
+to cleartext, rather than more "secure" TLS).
+.PP
 This feature is available in Postfix >= 3.9, 3.8.1, 3.7.6, 3.6.10, and 3.5.20.
 .SH tls_config_name (default: empty)
@@ -14102,8 +14156,7 @@ Postfix >= 3.4. See \fBSSL_CTX_set_options\fR(3).
 This feature is available in Postfix 2.8 and later.
 .SH tls_eecdh_auto_curves (default: see "postconf \-d" output)
 The prioritized list of elliptic curves, that should be enabled in the
-Postfix SMTP client and server. These are used by the Postfix SMTP server when
-"smtpd_tls_eecdh_grade = auto". The selected curves should be implemented
+Postfix SMTP client and server. The selected curves should be implemented
 by OpenSSL and be standardized for use in the TLS "supported groups" extension (RFC8422, RFC8446 and RFC8447). Be sure to include at least "x25519" and "prime256v1" (the OpenSSL name for "secp256r1", a.k.a. "P\-256"). The default
@@ -14127,6 +14180,13 @@ See also the "tls_ffdhe_auto_groups" parameter, which supports
 customizing the list of FFDHE groups enabled with TLS 1.3. That setting is introduced with Postfix 3.8, when built against OpenSSL 3.0 or later.
 .PP
+Post\-quantum cryptography support: OpenSSL 3.5 introduces new
+configuration syntax that Postfix will not attempt to imitate.
+Instead, with Postfix 3.6.17, 3.7.13, 3.8.8, 3.9.2, and later, set
+both tls_eecdh_auto_curves and if available tls_ffdhe_auto_groups
+to the empty value, to enable algorithm selection through OpenSSL
+configuration. See tls_config_file for a configuration example.
+.PP
 This feature is available in Postfix 3.2 and later, when it is compiled and linked with OpenSSL 1.0.2 or later on platforms where EC algorithms have not been disabled by the vendor.
@@ -14144,6 +14204,8 @@ must support this curve for EECDH key exchange to take place.
 It is unwise to choose only "bleeding\-edge" curves supported by only a small subset of clients.
 .PP
+This feature is not used as of Postfix 3.6. Do not specify.
+.PP
 The default "strong" curve is rated in NSA Suite B for information classified up to SECRET.
 .PP
@@ -14179,6 +14241,8 @@ client implementations must support this curve for EECDH key exchange to take place. It is unwise to choose only "bleeding\-edge" curves supported by only a small subset of clients.
 .PP
+This feature is not used as of Postfix 3.6. Do not specify.
+.PP
 This default "ultra" curve is rated in NSA Suite B for information classified up to TOP SECRET.
 .PP
@@ -14233,10 +14297,15 @@ Whether FFDHE key agreement is enabled in TLS 1.2 and earlier depends on whether any of the "kDHE" ciphers are included in the cipherlist.
 .PP
 Conversely, setting "tls_eecdh_auto_curves" empty disables TLS 1.3
-EC key agreement in OpenSSL 3.0 and later. Note that at least one of
-"tls_eecdh_auto_curves" and "tls_ffdhe_auto_groups" must be non\-empty,
-this is required by OpenSSL 3.0. If both are inadvertently set empty,
-Postfix will fall back to the compiled\-in defaults.
+EC key agreement in OpenSSL 3.0 and later. If both are set empty,
+Postfix will fall back to OpenSSL preferences as described next.
+.PP
+Post\-quantum cryptography support: OpenSSL 3.5 introduces new
+configuration syntax that Postfix will not attempt to imitate.
+Instead, with Postfix 3.6.17, 3.7.13, 3.8.8, 3.9.2, and later, set
+both tls_eecdh_auto_curves and tls_ffdhe_auto_groups to the empty
+value, to enable algorithm selection through OpenSSL configuration.
+See tls_config_file for a configuration example.
 .PP
 All the default groups and EC curves should be sufficiently strong to make "pruning" the defaults unwise. At a minimum, "x25519" and "prime256v1" (the
@@ -14874,7 +14943,7 @@ The Postfix \fBtlsproxy\fR(8) server security grade for ephemeral elliptic\-curve Diffie\-Hellman (EECDH) key exchange. See smtpd_tls_eecdh_grade for further details.
 .PP
-This feature is deprecated as of Postfix 3.9. Do not specify.
+This feature is not used as of Postfix 3.6. Do not specify.
 .PP
 This feature is available in Postfix 2.8 and later.
 .SH tlsproxy_tls_enable_rpk (default: $smtpd_tls_enable_rpk)
@@ -15428,8 +15497,8 @@ process.
 .PP
 Specify zero or more service names separated by comma and/or whitespace. Any name in the \fBservices\fR(5) database may be specified,
-though in practice only submission, submissions, and smtp make
-sense.
+though in practice only submission or submissions (formerly called
+smtp) make sense.
 .PP
 When SRV record lookup is enabled with use_srv_lookup, you can enclose a domain name in "[]" to force IP address lookup instead
diff --git a/postfix/man/man8/smtp.8 b/postfix/man/man8/smtp.8
index ee3cefc5f..a6a56a53d 100644
--- a/postfix/man/man8/smtp.8
+++ b/postfix/man/man8/smtp.8
@@ -628,10 +628,11 @@ The name of the \fBtlsmgr\fR(8) service entry in master.cf.
 Available in Postfix version 3.0 and later:
 .IP "\fBsmtp_tls_wrappermode (no)\fR"
 Request that the Postfix SMTP client connects using the
-SUBMISSIONS/SMTPS protocol instead of using the STARTTLS command.
+SUBMISSIONS (formerly called SMTPS) protocol instead of using the
+STARTTLS command.
 .PP
 Available in Postfix version 3.1 and later:
-.IP "\fBsmtp_tls_dane_insecure_mx_policy (see 'postconf -d' output)\fR"
+.IP "\fBsmtp_tls_dane_insecure_mx_policy (dane)\fR"
 The TLS policy for MX hosts with "secure" TLSA records when the nexthop destination security level is \fBdane\fR, but the MX record was found via an "insecure" MX lookup.
diff --git a/postfix/proto/TLSRPT_README.html b/postfix/proto/TLSRPT_README.html
index 9d4812dca..8f09e9098 100644
--- a/postfix/proto/TLSRPT_README.html
+++ b/postfix/proto/TLSRPT_README.html
@@ -345,7 +345,8 @@ postfix-tlspol, supports domains with DANE (using Postfix built-in DANE), and domains with MTA-STS.
-postfix-mta-sts-resolver, supports domains with MTA-STS.
+postfix-mta-sts-resolver, supports domains with MTA-STS as of
+release 1.5.0 (February 2025).
diff --git a/postfix/proto/TLS_README.html b/postfix/proto/TLS_README.html
index 36da089f7..879aae52e 100644
--- a/postfix/proto/TLS_README.html
+++ b/postfix/proto/TLS_README.html
@@ -552,8 +552,8 @@ and OE (5.01 Mac on all ports).It is strictly discouraged to use this mode from main.cf. If you want to support this service, enable a special port in master.cf and specify "-o smtpd_tls_wrappermode=yes" (note: no space around
-the "=") as an smtpd(8) command line option. Port 465 (smtps) was
-once chosen for this feature.
+the "=") as an smtpd(8) command line option. Port 465 (submissions,
+formerly called smtps) is the most common example.
Example:
@@ -561,7 +561,7 @@ once chosen for this feature.@@ -1065,7 +1065,7 @@ key configuration/etc/postfix/master.cf: - smtps inet n - n - - smtpd + submissions inet n - n - - smtpd -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yesClient-side cipher controls - Client-side SMTPS support + Client-side submissions (formerly called smtps) support Miscellaneous client controls @@ -2560,32 +2560,33 @@ the TLS protocols used with opportunistic TLS.
These sections show how to send mail to a server that does not -support STARTTLS, but that provides the SMTPS service +support STARTTLS, but that provides the submissions (smtps) service on TCP port 465. Depending on the Postfix version, some additional tooling may be required.
The Postfix SMTP client has SMTPS support built-in as of version +
The Postfix SMTP client has submissions service support built-in +as of version 3.0. Use one of the following examples, to send all remote mail, -or to send only some remote mail, to an SMTPS server.
+or to send only some remote mail, to a submissions (smtps) server. -The first example will send all remote mail over SMTPS through -a provider's server called "mail.example.com":
+The first example will send all remote mail to through a +provider's submissions server called "mail.example.com":
@@ -2595,11 +2596,12 @@ a provider's server called "mail.example.com":/etc/postfix/main.cf: - # Client-side SMTPS requires "encrypt" or stronger. + # Client-side submissions requires "encrypt" or stronger. smtp_tls_security_level = encrypt smtp_tls_wrappermode = yes # The [] suppress MX lookups. - relayhost = [mail.example.com]:465 + relayhost = [mail.example.com]:submissions
The second example will send only mail for "example.com" via -SMTPS. This time, Postfix uses a transport map to deliver only -mail for "example.com" via SMTPS:
+The second example will send only mail for "example.com" using +the submissions (smtps) service. +This time, Postfix uses a transport map to deliver only +mail for "example.com" using the submissions (smtps) service:
@@ -2607,11 +2609,11 @@ mail for "example.com" via SMTPS: transport_maps = hash:/etc/postfix/transport /etc/postfix/transport: - example.com relay-smtps:example.com:465 + example.com relay-submissions:example.com:submissions /etc/postfix/master.cf: - relay-smtps unix - - n - - smtp - # Client-side SMTPS requires "encrypt" or stronger. + relay-submissions unix - - n - - smtp + # Client-side submissions service requires "encrypt" or stronger. -o smtp_tls_security_level=encrypt -o smtp_tls_wrappermode=yes@@ -2625,81 +2627,7 @@ authentication.Postfix < 3.0
-Although older Postfix SMTP client versions do not support TLS -wrapper mode, it is relatively easy to forward a connection through -the stunnel program if Postfix needs to deliver mail to some legacy -system that doesn't support STARTTLS.
- -Postfix < 3.0: Sending all remote mail to an SMTPS server
- -The first example uses SMTPS to send all remote mail to a -provider's mail server called "mail.example.com".
- -A minimal stunnel.conf file is sufficient to set up a tunnel -from local port 11125 to the remote destination "mail.example.com" -and port "smtps". Postfix will later use this tunnel to connect to -the remote server.
- --- --/path/to/stunnel.conf: - [smtp-tls-wrapper] - accept = 11125 - client = yes - connect = mail.example.com:smtps --To test this tunnel, use:
- --- --$ telnet localhost 11125 --This should produce the greeting from the remote SMTP server -at mail.example.com.
- -On the Postfix side, the relayhost feature sends all remote -mail through the local stunnel listener on port 11125:
- --- --/etc/postfix/main.cf: - relayhost = [127.0.0.1]:11125 --Use "postfix reload" to make the change effective.
- -See SOHO_README for additional information about SASL -authentication.
- -Postfix < 3.0: Sending only mail for a specific destination via SMTPS
- -The second example will use SMTPS to send only mail for -"example.com" via SMTPS. It uses the same stunnel configuration -file as the first example, so it won't be repeated here.
- -This time, the Postfix side uses a transport map to direct only -mail for "example.com" through the tunnel:
- --- --/etc/postfix/main.cf: - transport_maps = hash:/etc/postfix/transport - -/etc/postfix/transport: - example.com relay:[127.0.0.1]:11125 --Use "postmap hash:/etc/postfix/transport" and "postfix reload" -to make the change effective.
- -See SOHO_README for additional information about SASL authentication. -
+Please see TLS_LEGACY_README.
Miscellaneous client controls
@@ -2710,7 +2638,7 @@ tries the next network address on the mail exchanger list, and defers delivery if no alternative server is available.Example:
- ++/etc/postfix/main.cf: @@ -2727,7 +2655,7 @@ are disabled in the default value of the parameter when linked with an OpenSSL library that could be vulnerable.Example:
- +/etc/postfix/main.cf: diff --git a/postfix/proto/postconf.proto b/postfix/proto/postconf.proto index 0a7b4702d..6c6b83d61 100644 --- a/postfix/proto/postconf.proto +++ b/postfix/proto/postconf.proto @@ -6708,7 +6708,8 @@ envelope sender@@ -6812,8 +6813,8 @@ that they do not explicitly own.Note: to enforce that the From: header address matches the envelope sender (MAIL FROM) address, use an external -filter such as a Milter, for the submission, submissions, or smtps +filter such as a Milter, for the submission or submissions (formerly +called smtps ) services. For example: https://github.com/magcks/milterfrom.
Note: to enforce that the From: header address matches the envelope sender (MAIL FROM) address, use an external filter such as a Milter, -for the submission, submissions, or smtps services. For example: -https://github.com/magcks/milterfrom. +for the submission or submissions (formerly called smtps) services. +For example: https://github.com/magcks/milterfrom.
This feature is available in Postfix version 2.1 and later. @@ -6833,8 +6834,8 @@ unlisted MAIL FROM address.
Note: to enforce that the From: header address matches the envelope sender (MAIL FROM) address, use an external filter such as a Milter, -for the submission, submissions, or smtps services. For example: -https://github.com/magcks/milterfrom. +for the submission or submissions (formerly called smtps) services. +For example: https://github.com/magcks/milterfrom.
This feature is available in Postfix version 2.11 and later. @@ -6879,8 +6880,8 @@ using any MAIL FROM address that is listed in $smtpd_sender_login_maps.
Note: to enforce that the From: header address matches the envelope sender (MAIL FROM) address, use an external filter such as a Milter, -for the submission, submissions, or smtps services. For example: -https://github.com/magcks/milterfrom. +for the submission or submissions (formerly called smtps) services. +For example: https://github.com/magcks/milterfrom.
This feature is available in Postfix version 2.1 and later. @@ -8466,11 +8467,11 @@ use the same program name.Example master.cf entries:
-# Distinguish inbound MTA logging from submission and smtps logging. +# Distinguish inbound MTA logging from submission and submissions logging. smtp inet n - n - - smtpd submission inet n - n - - smtpd -o syslog_name=postfix/$service_name -smtps inet n - n - - smtpd +submissions inet n - n - - smtpd -o syslog_name=postfix/$service_name@@ -9930,8 +9931,8 @@ instead of using the STARTTLS command.If you want to support this service, enable a special port in master.cf, and specify "-o smtpd_tls_wrappermode=yes" on the SMTP -server's command line. Port 465 (submissions/smtps) is reserved for -this purpose.
+server's command line. Port 465 (submissions, formerly called smtps) +is reserved for this purpose.This feature is available in Postfix 2.2 and later.
@@ -13349,8 +13350,7 @@ parameter. See there for details. %PARAM tls_eecdh_auto_curves see "postconf -d" outputThe prioritized list of elliptic curves, that should be enabled in the -Postfix SMTP client and server. These are used by the Postfix SMTP server when -"smtpd_tls_eecdh_grade = auto". The selected curves should be implemented +Postfix SMTP client and server. The selected curves should be implemented by OpenSSL and be standardized for use in the TLS "supported groups" extension (RFC8422, RFC8446 and RFC8447). Be sure to include at least "x25519" and "prime256v1" (the OpenSSL name for "secp256r1", a.k.a. "P-256"). The default @@ -13375,6 +13375,14 @@ customizing the list of FFDHE groups enabled with TLS 1.3. That setting is introduced with Postfix 3.8, when built against OpenSSL 3.0 or later.
+Post-quantum cryptography support: OpenSSL 3.5 introduces new +configuration syntax that Postfix will not attempt to imitate. +Instead, with Postfix 3.6.17, 3.7.13, 3.8.8, 3.9.2, and later, set +both tls_eecdh_auto_curves and if available tls_ffdhe_auto_groups +to the empty value, to enable algorithm selection through OpenSSL +configuration. See tls_config_file for a configuration example. +
+This feature is available in Postfix 3.2 and later, when it is compiled and linked with OpenSSL 1.0.2 or later on platforms where EC algorithms have not been disabled by the vendor.
@@ -13405,10 +13413,15 @@ on whether any of the "kDHE" ciphers are included in the cipherlist.Conversely, setting "tls_eecdh_auto_curves" empty disables TLS 1.3 -EC key agreement in OpenSSL 3.0 and later. Note that at least one of -"tls_eecdh_auto_curves" and "tls_ffdhe_auto_groups" must be non-empty, -this is required by OpenSSL 3.0. If both are inadvertently set empty, -Postfix will fall back to the compiled-in defaults.
+EC key agreement in OpenSSL 3.0 and later. If both are set empty, +Postfix will fall back to OpenSSL preferences as described next. + +Post-quantum cryptography support: OpenSSL 3.5 introduces new +configuration syntax that Postfix will not attempt to imitate. +Instead, with Postfix 3.6.17, 3.7.13, 3.8.8, 3.9.2, and later, set +both tls_eecdh_auto_curves and tls_ffdhe_auto_groups to the empty +value, to enable algorithm selection through OpenSSL configuration. +See tls_config_file for a configuration example.
All the default groups and EC curves should be sufficiently strong to make "pruning" the defaults unwise. At a minimum, "x25519" and "prime256v1" (the @@ -13433,6 +13446,8 @@ must support this curve for EECDH key exchange to take place. It is unwise to choose only "bleeding-edge" curves supported by only a small subset of clients.
+This feature is not used as of Postfix 3.6. Do not specify.
+The default "strong" curve is rated in NSA Suite B for information classified up to SECRET.
@@ -13473,6 +13488,8 @@ client implementations must support this curve for EECDH key exchange to take place. It is unwise to choose only "bleeding-edge" curves supported by only a small subset of clients. +This feature is not used as of Postfix 3.6. Do not specify.
+This default "ultra" curve is rated in NSA Suite B for information classified up to TOP SECRET.
@@ -13499,6 +13516,8 @@ this parameter is always ignored, and Postfix behaves as though the auto value (described below) was chosen. +This feature is not used as of Postfix 3.6. Do not specify.
+The available choices are:
@@ -15979,7 +15998,7 @@ the "tlsproxy_tls_chain_files" parameter. elliptic-curve Diffie-Hellman (EECDH) key exchange. See smtpd_tls_eecdh_grade for further details. -
-This feature is deprecated as of Postfix 3.9. Do not specify.
+This feature is not used as of Postfix 3.6. Do not specify.
This feature is available in Postfix 2.8 and later.
@@ -17507,21 +17526,22 @@ with valid PTR etc. records. %PARAM smtp_tls_wrappermode noRequest that the Postfix SMTP client connects using the -SUBMISSIONS/SMTPS protocol instead of using the STARTTLS command.
+SUBMISSIONS (formerly called SMTPS) protocol instead of using the +STARTTLS command.This mode requires "smtp_tls_security_level = encrypt" or stronger.
-Example: deliver all remote mail via a provider's server -"mail.example.com".
+Example: deliver all remote mail via a provider's submissions +service at "mail.example.com".
/etc/postfix/main.cf: - # Client-side SMTPS requires "encrypt" or stronger. + # Client-side SUBMISSIONS requires "encrypt" or stronger. smtp_tls_security_level = encrypt smtp_tls_wrappermode = yes # The [] suppress MX lookups. - relayhost = [mail.example.com]:465 + relayhost = [mail.example.com]:submissionsMore examples are in TLS_README, including examples for older @@ -17591,7 +17611,7 @@ clients).
This feature is available in Postfix 3.1 and later. -%PARAM smtp_tls_dane_insecure_mx_policy see "postconf -d" output +%PARAM smtp_tls_dane_insecure_mx_policy daneThe TLS policy for MX hosts with "secure" TLSA records when the nexthop destination security level is dane, but the MX @@ -17615,10 +17635,9 @@ authentication succeeds, it will be logged only as "Trusted", not "Verified", because the MX host name could have been forged.
The default setting for Postfix ≥ 3.6 is "dane" with -"smtp_tls_security_level = dane", otherwise "may". This behavior -was backported to Postfix versions 3.5.9, 3.4.19, 3.3.16. 3.2.21. -With earlier Postfix versions the default setting was always "dane". +
The default setting is "dane" as of Postfix versions 3.6.17, +3.7.13, 3.8.8, 3.9.2, and 3.10.0. With earlier versions the default +was mistakenly dependent on the smtp_tls_security_level setting.
Though with "insecure" MX records an active attacker can @@ -18985,8 +19004,8 @@ process.
Specify zero or more service names separated by comma and/or whitespace. Any name in the services(5) database may be specified, -though in practice only submission, submissions, and smtp make -sense.
+though in practice only submission or submissions (formerly called +smtp) make sense.When SRV record lookup is enabled with use_srv_lookup, you can enclose a domain name in "[]" to force IP address lookup instead @@ -19193,6 +19212,47 @@ MinProtocol = TLSv1
Example: Custom OpenSSL group settings.
+ ++main.cf: + tls_config_file = ${config_directory}/openssl.cnf + tls_config_name = postfix ++ ++openssl.cnf: + postfix = postfix_settings ++ ++ [postfix_settings] + ssl_conf = postfix_ssl_settings ++ ++ [postfix_ssl_settings] + system_default = baseline_postfix_settings ++ ++ [baseline_postfix_settings] + # New OpenSSL 3.5 syntax, for older releases consider + # the Postfix default: + # + # Groups = X25519:X448:prime256v1:secp384r1:secp521r1:ffdhe2048:ffdhe3072 + # + Groups = *X25519MLKEM768 / *X25519:X448 / P-256:P-384 ++ +Caution: It is typically best to just use the default group +settings, for which no $tls_config_file is required (you can set +"tls_config_file = none", to avoid unwanted leakage of system-wide +settings that strive to harden HTTPS against mostly browser-specific +security and privacy issues into Postfix use of opportunistic TLS, +where they're they can be counterproductive, leading to downgrades +to cleartext, rather than more "secure" TLS).
+This feature is available in Postfix ≥ 3.9, 3.8.1, 3.7.6, 3.6.10, and 3.5.20.
diff --git a/postfix/proto/stop b/postfix/proto/stop index d3c8a5cd8..a4a6b63ab 100644 --- a/postfix/proto/stop +++ b/postfix/proto/stop @@ -1670,3 +1670,5 @@ SIGKILL URI URIs bugfix +MLKEM +cleartext diff --git a/postfix/proto/stop.double-history b/postfix/proto/stop.double-history index 870135f2b..62e45e6b2 100644 --- a/postfix/proto/stop.double-history +++ b/postfix/proto/stop.double-history @@ -164,3 +164,5 @@ proto proto socketmap_table cleanup cleanup_message c smtp smtp c smtp smtp_connect c Documentation edited for clarity Files pipe pipe c global mail_params h smtpd smtpd c + global mail_params h proto postconf proto smtp smtp c + proto postconf proto proto TLS_README html diff --git a/postfix/src/global/mail_params.h b/postfix/src/global/mail_params.h index aa2f294bf..0aa05ba00 100644 --- a/postfix/src/global/mail_params.h +++ b/postfix/src/global/mail_params.h @@ -1660,7 +1660,7 @@ extern bool var_smtp_tls_force_tlsa; /* SMTP only */ #define VAR_SMTP_TLS_INSECURE_MX_POLICY "smtp_tls_dane_insecure_mx_policy" -#define DEF_SMTP_TLS_INSECURE_MX_POLICY "${{$smtp_tls_security_level} == {dane} ? {dane} : {may}}" +#define DEF_SMTP_TLS_INSECURE_MX_POLICY "dane" extern char *var_smtp_tls_insecure_mx_policy; /* diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h index 26626a7bc..feb7801a3 100644 --- a/postfix/src/global/mail_version.h +++ b/postfix/src/global/mail_version.h @@ -20,7 +20,7 @@ * Patches change both the patchlevel and the release date. Snapshots have no * patchlevel; they change the release date only. */ -#define MAIL_RELEASE_DATE "20250207" +#define MAIL_RELEASE_DATE "20250215" #define MAIL_VERSION_NUMBER "3.10" #ifdef SNAPSHOT diff --git a/postfix/src/smtp/smtp.c b/postfix/src/smtp/smtp.c index 38b3771d4..e92696c75 100644 --- a/postfix/src/smtp/smtp.c +++ b/postfix/src/smtp/smtp.c 
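Review bot: The new literal default for DEF_SMTP_TLS_INSECURE_MX_POLICY in mail_params.h carries no explanation of why the ${...} conditional on smtp_tls_security_level was dropped, while the postconf.proto text in this same commit calls the old default a mistake and lists the releases that changed it. A one-line comment above the define, such as `/* Unconditional "dane": per postconf(5) this policy is consulted only when the nexthop level is dane, so a level-dependent default was a mistake. */`, would keep the header in step with that documentation for the next person who wonders whether "may" was lost by accident.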
@@ -594,10 +594,11 @@
 /* Available in Postfix version 3.0 and later:
 /* .IP "\fBsmtp_tls_wrappermode (no)\fR"
 /* Request that the Postfix SMTP client connects using the
-/* SUBMISSIONS/SMTPS protocol instead of using the STARTTLS command.
+/* SUBMISSIONS (formerly called SMTPS) protocol instead of using the
+/* STARTTLS command.
 /* .PP
 /* Available in Postfix version 3.1 and later:
-/* .IP "\fBsmtp_tls_dane_insecure_mx_policy (see 'postconf -d' output)\fR"
+/* .IP "\fBsmtp_tls_dane_insecure_mx_policy (dane)\fR"
 /* The TLS policy for MX hosts with "secure" TLSA records when the
 /* nexthop destination security level is \fBdane\fR, but the MX
 /* record was found via an "insecure" MX lookup.
diff --git a/postfix/src/tls/tls_dh.c b/postfix/src/tls/tls_dh.c
index e42b174a7..247b67d45 100644
--- a/postfix/src/tls/tls_dh.c
+++ b/postfix/src/tls/tls_dh.c
@@ -393,7 +393,6 @@ static int setup_auto_groups(SSL_CTX *ctx, const char *origin,
 void tls_auto_groups(SSL_CTX *ctx, const char *eecdh, const char *ffdhe)
 {
-#ifndef OPENSSL_NO_ECDH
     char *def_eecdh = DEF_TLS_EECDH_AUTO;
 #if OPENSSL_VERSION_PREREQ(3, 0)
@@ -407,6 +406,10 @@ void tls_auto_groups(SSL_CTX *ctx, const char *eecdh, const char *ffdhe)
 #endif
     const char *origin;
+    /* Use OpenSSL defaults */
+    if (!*eecdh && !*ffdhe)
+        return;
+
     /*
      * Try the user-specified list first. If that fails (empty list or no
      * known group name), try again with the Postfix defaults. We assume that
@@ -432,7 +435,6 @@ void tls_auto_groups(SSL_CTX *ctx, const char *eecdh, const char *ffdhe)
             return;
         }
     }
-#endif
 }
 #ifdef TEST
diff --git a/postfix/src/tls/tls_misc.c b/postfix/src/tls/tls_misc.c
index 937999f08..d4cbe2bb9 100644
--- a/postfix/src/tls/tls_misc.c
+++ b/postfix/src/tls/tls_misc.c
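Review bot: The new early return in tls_auto_groups() leaves no log trace when both tls_eecdh_auto_curves and tls_ffdhe_auto_groups are empty, although the postconf.proto text removed in this commit shows that an inadvertently empty pair used to fall back to the compiled-in defaults, whereas now group selection is silently handed to OpenSSL's built-in or config-file settings (the TLS_README caution in this commit about leakage of system-wide openssl.cnf settings into opportunistic TLS is exactly the case this enables). I would record the decision, for example `msg_info("tls_eecdh_auto_curves and tls_ffdhe_auto_groups are empty; using OpenSSL group settings");` before the `return;`, or at least widen the comment to `/* Both lists empty: defer group selection to OpenSSL (built-in defaults or tls_config_file). */`. The code between this hunk and the one that removes the matching #endif, which the first and third hunks now compile even when OPENSSL_NO_ECDH is defined, is outside this view.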
@@ -674,8 +674,8 @@ void tls_param_init(void)
     VAR_TLS_EXPORT_CLIST, DEF_TLS_EXPORT_CLIST, &var_tls_export_ignored, 0, 0,
     VAR_TLS_NULL_CLIST, DEF_TLS_NULL_CLIST, &var_tls_null_clist, 1, 0,
     VAR_TLS_EECDH_AUTO, DEF_TLS_EECDH_AUTO, &var_tls_eecdh_auto, 0, 0,
-    VAR_TLS_EECDH_STRONG, DEF_TLS_EECDH_STRONG, &var_tls_eecdh_strong, 1, 0,
-    VAR_TLS_EECDH_ULTRA, DEF_TLS_EECDH_ULTRA, &var_tls_eecdh_ultra, 1, 0,
+    VAR_TLS_EECDH_STRONG, DEF_TLS_EECDH_STRONG, &var_tls_eecdh_strong, 0, 0,
+    VAR_TLS_EECDH_ULTRA, DEF_TLS_EECDH_ULTRA, &var_tls_eecdh_ultra, 0, 0,
     VAR_TLS_FFDHE_AUTO, DEF_TLS_FFDHE_AUTO, &var_tls_ffdhe_auto, 0, 0,
     VAR_TLS_BUG_TWEAKS, DEF_TLS_BUG_TWEAKS, &var_tls_bug_tweaks, 0, 0,
     VAR_TLS_SSL_OPTIONS, DEF_TLS_SSL_OPTIONS, &var_tls_ssl_options, 0, 0,
@@ -1084,8 +1084,17 @@ void tls_get_signature_params(TLS_SESS_STATE *TLScontext)
             break;
 #endif
         }
-        EVP_PKEY_free(dh_pkey);
     }
+    if (kex_name) {
+        TLScontext->kex_name = mystrdup(kex_name);
+        TLScontext->kex_curve = kex_curve;
+    }
+    /* Not a problem if NULL */
+    EVP_PKEY_free(dh_pkey);
+
+    /* Resumption makes no use of signature keys or digests */
+    if (TLScontext->session_reused)
+        return;
     /*
      * On the client end, the certificate may be present, but not used, so we
@@ -1111,12 +1120,19 @@ void tls_get_signature_params(TLS_SESS_STATE *TLScontext)
          * the more familiar name. For "RSA" keys report "RSA-PSS", which
          * must be used with TLS 1.3.
          */
-        if ((nid = EVP_PKEY_type(EVP_PKEY_id(local_pkey))) != NID_undef) {
+        if ((nid = EVP_PKEY_id(local_pkey)) != NID_undef) {
             switch (nid) {
             default:
-                locl_sig_name = OBJ_nid2sn(nid);
+                if ((nid = EVP_PKEY_type(nid)) != NID_undef)
+                    locl_sig_name = OBJ_nid2sn(nid);
                 break;
+#if defined(EVP_PKEY_KEYMGMT)
+            case EVP_PKEY_KEYMGMT:
+                locl_sig_name = EVP_PKEY_get0_type_name(local_pkey);
+                break;
+#endif
+
             case EVP_PKEY_RSA:
                 /* For RSA, TLS 1.3 mandates PSS signatures */
                 locl_sig_name = "RSA-PSS";
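Review bot: The rewritten key-type switch for the local key in the @@ -1111 hunk is repeated verbatim for the peer key in the @@ -1165 hunk, differing only in the EVP_PKEY variable and the *_sig_name target, so the new EVP_PKEY_KEYMGMT branch and the nested EVP_PKEY_type() fallback now have to be kept in sync in two places. A small static helper taking the EVP_PKEY * and returning the name string (with the cases not visible in these hunks, such as the one that sets the curve, moved along with it) would remove the duplication. EVP_PKEY_get0_type_name() can return NULL, which the later `if (locl_sig_name)` and `if (peer_sig_name)` guards already tolerate, so such a helper can pass that result straight through. The enclosing tls_get_signature_params() starts and ends outside this hunk.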
@@ -1138,6 +1154,13 @@ void tls_get_signature_params(TLS_SESS_STATE *TLScontext)
          */
         if (SSL_get_signature_nid(ssl, &nid) && nid != NID_undef)
             locl_sig_dgst = OBJ_nid2sn(nid);
+
+        if (locl_sig_name) {
+            SIG_PROP(TLScontext, srvr, name) = mystrdup(locl_sig_name);
+            SIG_PROP(TLScontext, srvr, curve) = locl_sig_curve;
+            if (locl_sig_dgst)
+                SIG_PROP(TLScontext, srvr, dgst) = mystrdup(locl_sig_dgst);
+        }
     }
     peer_cert = TLS_PEEK_PEER_CERT(ssl);
     if (peer_cert != 0) {
@@ -1165,12 +1188,19 @@ void tls_get_signature_params(TLS_SESS_STATE *TLScontext)
          * the more familiar name. For "RSA" keys report "RSA-PSS", which
          * must be used with TLS 1.3.
          */
-        if ((nid = EVP_PKEY_type(EVP_PKEY_id(peer_pkey))) != NID_undef) {
+        if ((nid = EVP_PKEY_id(peer_pkey)) != NID_undef) {
             switch (nid) {
             default:
-                peer_sig_name = OBJ_nid2sn(nid);
+                if ((nid = EVP_PKEY_type(nid)) != NID_undef)
+                    peer_sig_name = OBJ_nid2sn(nid);
                 break;
+#if defined(EVP_PKEY_KEYMGMT)
+            case EVP_PKEY_KEYMGMT:
+                peer_sig_name = EVP_PKEY_get0_type_name(peer_pkey);
+                break;
+#endif
+
             case EVP_PKEY_RSA:
                 /* For RSA, TLS 1.3 mandates PSS signatures */
                 peer_sig_name = "RSA-PSS";
@@ -1193,25 +1223,14 @@ void tls_get_signature_params(TLS_SESS_STATE *TLScontext)
         if (SSL_get_peer_signature_nid(ssl, &nid) && nid != NID_undef)
             peer_sig_dgst = OBJ_nid2sn(nid);
+        if (peer_sig_name) {
+            SIG_PROP(TLScontext, !srvr, name) = mystrdup(peer_sig_name);
+            SIG_PROP(TLScontext, !srvr, curve) = peer_sig_curve;
+            if (peer_sig_dgst)
+                SIG_PROP(TLScontext, !srvr, dgst) = mystrdup(peer_sig_dgst);
+        }
     }
     TLS_FREE_PEER_CERT(peer_cert);
-
-    if (kex_name) {
-        TLScontext->kex_name = mystrdup(kex_name);
-        TLScontext->kex_curve = kex_curve;
-    }
-    if (locl_sig_name) {
-        SIG_PROP(TLScontext, srvr, name) = mystrdup(locl_sig_name);
-        SIG_PROP(TLScontext, srvr, curve) = locl_sig_curve;
-        if (locl_sig_dgst)
-            SIG_PROP(TLScontext, srvr, dgst) = mystrdup(locl_sig_dgst);
-    }
-    if (peer_sig_name) {
-        SIG_PROP(TLScontext, !srvr, name) = mystrdup(peer_sig_name);
-        SIG_PROP(TLScontext, !srvr, curve) = peer_sig_curve;
-        if (peer_sig_dgst)
-            SIG_PROP(TLScontext, !srvr, dgst) = mystrdup(peer_sig_dgst);
-    }
 }
 /* tls_log_summary - TLS loglevel 1 one-liner, embellished with TLS 1.3 details */