On Thu, Feb 12, 2009 at 08:33:35AM -0500, Wietse Venema wrote:
> > is there a way to enforce TLS dependent on the sender domain?
>
> This would have to be simulated with sender_dependent_relayhost_maps.
> Specify a Postfix instance that encrypts all outbound mail. Postfix
> multi-instance support will go alpha in a few days.
To expand this a bit, you deploy (at least) two Postfix instances on your system. The input instance accepts mail from senders and normally delivers it directly to the nexthop gateway for the destination. You already have this.

The (TLS) output instance has a separate config_directory, queue_directory and data_directory, but shares the Postfix executables and docs. In the output instance, TLS is enforced for certain destinations.

The input instance uses sender_dependent_relayhost_maps to route some mail to the (TLS) output instance.

This scales poorly if different customers want to enforce TLS for different sets of destinations at different security levels. If that happens, it is much better to just field a separate input MTA for "special-needs" customers, and have the input instances do all the work.

The main difficulty with multiple input instances is that it is difficult to get the process limits right. If loads on all the input instances spike at the same time, your system may not have enough disk I/O or CPU to handle the load.

There is no sender_dependent_tls_policy_maps, nor any lookup key syntax for TLS policy by sender *and* recipient domain combined.

-- 
	Viktor.

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.

If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.
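The two-instance layout described in the reply above, written out as an added example. This is not code from the original thread or from the Postfix project; the instance name postfix-tls, the loopback port 10026, the sender domain customer.example, the destinations partner.example and bank.example, and the CA bundle path are all assumptions chosen for illustration. The `apply` function uses real Postfix commands (postmulti, postconf, postmap) and needs Postfix 2.6 or later; it only runs when the script is invoked with the argument `apply`, so the table-writing and checking functions can be exercised on a host without Postfix.

```shell
#!/bin/sh
# Added example, not from the original post. Provisions an input instance in
# /etc/postfix that routes selected senders to a TLS-enforcing output instance
# "postfix-tls" listening on 127.0.0.1:10026. Names/paths below are assumptions.
set -eu

IN_DIR=${IN_DIR:-/etc/postfix}
OUT_DIR=${OUT_DIR:-/etc/postfix-tls}
OUT_PORT=${OUT_PORT:-10026}
CA_FILE=${CA_FILE:-/etc/ssl/certs/ca-certificates.crt}   # assumed CA bundle location

# Input instance table for sender_dependent_relayhost_maps. Keys are "@domain" or a
# full envelope sender address; the value is the nexthop. [ ] suppresses MX lookup.
# Senders that do not match keep the global relayhost (or direct delivery).
write_sender_relay() {
    cat > "$1" <<EOF
# envelope sender key       nexthop (the TLS output instance on loopback)
@customer.example           [127.0.0.1]:$OUT_PORT
compliance@other.example    [127.0.0.1]:$OUT_PORT
EOF
}

# Output instance table for smtp_tls_policy_maps. Keys are the *recipient* nexthop
# domain (".domain" matches subdomains); there is no sender component, which is why
# the sender split happens upstream. Listed destinations are raised above the
# instance-wide floor set in main.cf.
write_tls_policy() {
    cat > "$1" <<EOF
# nexthop domain     security level and attributes
partner.example      secure match=partner.example:.partner.example
.partner.example     secure match=partner.example:.partner.example
bank.example         verify
EOF
}

# main.cf settings for the output instance: loopback only, no local delivery,
# relay accepted only from this host, TLS mandatory for every outbound delivery.
output_instance_params() {
    cat <<EOF
inet_interfaces = loopback-only
mynetworks = 127.0.0.0/8 [::1]/128
mydestination =
local_transport = error:5.1.1 local delivery disabled in the TLS instance
smtpd_recipient_restrictions = permit_mynetworks, reject
smtp_tls_security_level = encrypt
smtp_tls_policy_maps = hash:$OUT_DIR/tls_policy
smtp_tls_CAfile = $CA_FILE
smtp_tls_loglevel = 1
EOF
}

# Apply on a real host (Postfix 2.6+). Only runs when invoked as: sh script.sh apply
apply() {
    postmulti -e init                                   # enable multi-instance support
    postmulti -I postfix-tls -G outbound -e create      # creates $OUT_DIR plus queue/data dirs
    output_instance_params | while IFS= read -r kv; do
        postconf -c "$OUT_DIR" -e "$kv"
    done
    # The generated master.cf binds port 25 via "smtp inet"; listen on the loopback port instead.
    sed -i 's/^smtp[[:space:]]\{1,\}inet/#&/' "$OUT_DIR/master.cf"   # GNU sed -i
    printf '127.0.0.1:%s inet n - n - - smtpd\n' "$OUT_PORT" >> "$OUT_DIR/master.cf"
    write_tls_policy "$OUT_DIR/tls_policy";    postmap "$OUT_DIR/tls_policy"
    write_sender_relay "$IN_DIR/sender_relay"; postmap "$IN_DIR/sender_relay"
    postconf -c "$IN_DIR" -e "sender_dependent_relayhost_maps = hash:$IN_DIR/sender_relay"
    postmulti -i postfix-tls -e enable
    postmulti -i postfix-tls -p start
    postfix reload                                      # default (input) instance picks up the map
}

# Offline sanity check: every routed sender must point at the TLS port, and every
# policy entry must carry an enforcing level (encrypt, verify or secure). Returns 0 if OK.
check_tables() {
    tmp=$(mktemp -d)
    write_sender_relay "$tmp/sender_relay"
    write_tls_policy "$tmp/tls_policy"
    grep -v '^#' "$tmp/sender_relay" | grep -v "\[127\.0\.0\.1\]:$OUT_PORT\$" && return 1
    grep -v '^#' "$tmp/tls_policy" | awk '$2 !~ /^(encrypt|verify|secure)$/ { bad=1 } END { exit bad }'
}

if [ "${1:-}" = "apply" ]; then
    apply
fi
```

Two points worth keeping in mind with this layout: the hop from the input instance to 127.0.0.1:10026 is plaintext, which is acceptable only because it never leaves the host; and with `smtp_tls_security_level = encrypt` as the floor, any destination of a routed sender that does not offer STARTTLS is deferred rather than delivered in the clear, which is the enforcement the original question asked for.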