Hello to all,

I have several Postfix servers named MX, SMTP and MAIL on my dmz:
MX is used to receive mails to our "@domain.fr" from Internet
SMTP is used to send mails from "@domain.fr"
MAIL is used as a storage server for "@domain.fr" mails

However, I would like to be able to for example directly transmit a mail to
"@domain.fr" from SMTP to MAIL without having to go out on the Internet.
Both to redirect mails from "@domain.fr" users and also for example to send
logwatch mails to a centralized address.

Currently I use the following settings:
transport_maps = hash:/etc/postfix/transport
domain.fr smtp:[192.168.X.X]:465
This works but I get the following Postfix message:
SMTPS wrappermode (TCP port 465) requires setting "smtp_tls_wrappermode =
yes", and "smtp_tls_security_level = encrypt" (or stronger)

If I put these additional settings, it doesn't work anymore because the
internal address of my servers doesn't match the certificate that is
created with the external addresses (I have a handshake failure)

So I am tempted to use this:
smtp_tls_policy_maps=hash:/etc/postfix/tls_policy
and in /etc/postfix/tls_policy:
domain.fr none

I think I can keep the encryption of the transmission between my servers,
without doing any certificate verification.

Does this seem correct to you? Or is there another method more suitable?

Thank you very much for your answers!

Samuel
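
An added example, not part of the original message: a Postfix configuration sketch that contrasts the policy entry from the question with entries that keep TLS on for the internal hop. The transport name `internal-smtps` and the values in angle brackets are assumptions; `192.168.X.X` stays elided as in the post.

```conf
# --- /etc/postfix/tls_policy as proposed in the question ---
# "none" switches TLS off for the matching destination, so mail would be
# sent in cleartext. The table is also indexed by next-hop: with the
# transport entry in use, the next-hop is "[192.168.X.X]:465", so a
# "domain.fr" key is not the one Postfix looks up.
domain.fr            none

# --- /etc/postfix/master.cf: dedicated SMTP client (name is an assumption) ---
# Scopes wrapper mode (implicit TLS on port 465) to the internal hop, so
# ordinary port-25 deliveries by the default "smtp" transport are unaffected.
# "encrypt" = TLS is mandatory, the server certificate is not verified.
internal-smtps  unix  -  -  n  -  -  smtp
  -o smtp_tls_wrappermode=yes
  -o smtp_tls_security_level=encrypt

# --- /etc/postfix/transport ---
domain.fr            internal-smtps:[192.168.X.X]:465

# --- /etc/postfix/tls_policy (optional; use one entry to raise the level) ---
# The key is the verbatim next-hop, brackets and port included.
# Alternative A: pin the certificate of MAIL, independent of any hostname.
# The digest algorithm is the one set by smtp_tls_fingerprint_digest.
[192.168.X.X]:465    fingerprint match=<fingerprint of MAIL's certificate>
# Alternative B: verify the chain and match the name that is in the
# certificate instead of the internal address (needs a trusted CA configured
# on the client, e.g. via smtp_tls_CAfile).
[192.168.X.X]:465    verify match=<hostname present in MAIL's certificate>
```

With `hash:` tables, run `postmap` on each edited map file and reload Postfix for the change to take effect.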
