NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Postfix Discussion> 2005-12

Re: tls_per_site

From: Laurence Moughan (Laurence.Moughanaerlingus.com)
Date: Mon Dec 19 2005 - 04:44:21 CST

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello,

Please could someone advise ,

if i use

smtp_use_tls = yes

and

tls_per_site = /path/to/file

will all sites attempt to use TLS if offered via STARTTLS,

AND sites in tls_per_site file use TLS as per the table config.

or.............

do i have to have smtp_use_tls = no

and have ALL possibles mx ( or a wildcard ?? ) in tls_per_site file ?

if wildcard possible hpow do i do say,

#
#
tu-cottbus.de MUST_NOPEERMATCH
hertz.com MUST_NOPEERMATCH
all_other_sites MAY
#
#

Thanks

Laurence

>>> Victor.DuchovniMorganStanley.com 12/02/05 5:03 >>>
On Fri, Dec 02, 2005 at 12:21:16PM +0000, Laurence Moughan wrote:

> Hello All,
>
> i have
>
> smtp_tls_per_site = dbm:/etc/postfix/tls_per_site
> and
> transport_maps = dbm:/etc/postfix/transport
>
> with
>
> tls_per_site
>
> tu-cottbus.de MUST_NOPEERMATCH
> hertz.com MUST_NOPEERMATCH
>

The lookup keys for the tls_per_site table are the specific MX host
and if that is not found, the nexthop domain. If your transport
table overrides the nexthop domain, use the nexthop from the
transport table. For example.

transport:
example.com smtp:[tls.example.com]

tls_per_site:
tls.example.com MUST

--
Viktor.

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.

To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
<mailto:majordomopostfix.org?body=unsubscribe%20postfix-users>

If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.

..For low fares and great deals on hotels, car hire and travel insurance visit http://www.aerlingus.com
*******************************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. Any review, dissemination or other use of, or taking
of any action in reliance upon, this information by persons or entities
other than the intended recipient is prohibited.If you have received
this email in error please notify the sender immediately and delete
the material.
*******************************************************************************

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]