Re: Confusion : smtp_tls_auth_only vs smtpd_tls_auth_only

Viktor Dukhovni Wed, 08 Apr 2015 05:59:01 -0700

On Wed, Apr 08, 2015 at 03:55:46PM +0500, Muhammad Yousuf Khan wrote:

> -----------------------
> master.cf
> ----------------------
> 
> #dnsblog   unix  -       -       -       -       0       dnsblog
> #tlsproxy  unix  -       -       -       -       0       tlsproxy
> submission inet n       -       n       -       -       smtpd
>   -o syslog_name=postfix/submission
> #  -o smtpd_tls_security_level=encrypt
>   -o smtpd_sasl_auth_enable=yes
>   -o smtpd_client_restrictions=permit_sasl_authenticated,reject
>   -o milter_macro_daemon_name=ORIGINATING


Where's the port 25(smtp) inet service?

> submission inet n       -       n       -       -       smtpd
>   -o syslog_name=postfix/submission
> #  -o smtpd_tls_security_level=encrypt
>   -o smtpd_sasl_auth_enable=yes
>   -o smtpd_client_restrictions=permit_sasl_authenticated,reject
>   -o milter_macro_daemon_name=ORIGINATING

Make that:

    submission inet n       -       n       -       -       smtpd
       -o syslog_name=submission
       -o smtpd_tls_security_level=encrypt
       -o smtpd_sasl_auth_enable=yes
       -o smtpd_client_restrictions=permit_sasl_authenticated,reject
       -o milter_macro_daemon_name=ORIGINATING

> -------------------------------------
> postconf -n
> -------------------------------------
> 
> content_filter = amavis:[127.0.0.1]:10024
> smtp_tls_protocols = !SSLv2,!SSLv3
> smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
> smtp_tls_security_level = encrypt

Replace the last line with:

        smtp_tls_security_level = may

-- 
        Viktor.

Re: Confusion : smtp_tls_auth_only vs smtpd_tls_auth_only

Reply via email to