Postfix & TLS

P

ph0enix

Hi, I'm trying to figure how to force TLS in Postfix but only for specific mail destinations. Can I do that?

Thank you! :D

J.
 
The solution was found here:
http://www.postfix.org/TLS_README.html

Example:

Code: 
    /etc/postfix/main.cf:
        smtp_tls_policy_maps = hash:/etc/postfix/tls_policy
        # Postfix 2.5 and later
        smtp_tls_fingerprint_digest = md5
    /etc/postfix/tls_policy:
        example.edu             none
        example.mil             may
        example.gov             encrypt protocols=SSLv3:TLSv1 ciphers=high
        example.com             verify     
                match=hostname:dot-nexthop protocols=SSLv3:TLSv1 ciphers=high
        example.net             secure
        .example.net            secure match=.example.net:example.net
        [mail.example.org]:587  secure match=nexthop
        # Postfix 2.5 and later
        [thumb.example.org]         fingerprint
        	match=EC:3B:2D:B0:5B:B1:FB:6D:20:A3:9D:72:F6:8D:12:35
    	match=3D:95:34:51:24:66:33:B9:D2:40:99:C0:C1:17:0B:D1
        # Postfix 2.6 and later
        example.info            may protocols=!SSLv2 ciphers=medium exclude=3DES
 
You must log in or register to reply here.
Back
Top