Hi Pete, I was just looking over the man page for smtpd.conf and there is a way to disable cert verification. There is also a match statement that, while it won't force the connection to be over TLS per se, it just won't allow the transaction to happen if it is not over TLS.
action "action01" relay tls-noverify. match tls from domain "example.org" to any action "action01" Hope this helps some, Matt On Mon, Aug 27, 2018 at 8:42 AM Pete wrote: > > Hello, > > i'm trying to get my config up to speed before 6.4, but i wasn't > really able to figure out how to to what i wanted regarding relaying and > TLS. > > Currenly i have: > # Suckers > accept tagged OUT_OK from source <relayhosts> for domain <notls_dest> relay > # always enforce TLS for outbound > accept tagged OUT_OK from source <relayhosts> for any relay tls > > This forces TLS on relay except for a few that don't support it. > In the new config there only seems to be tls no-verify to disable cert > verfication. How do i have to craft the action rules to to force or > disable TLS on relay? Is it even possible? > > > > Pete > > > -- > You received this mail because you are subscribed to [email protected] > To unsubscribe, send a mail to: [email protected] > -- You received this mail because you are subscribed to [email protected] To unsubscribe, send a mail to: [email protected]
