I think that I have the SASL figured out, and probably it's a similar
process to get the tls_policy compliant and functional. The log:
Dec 23 13:11:32 mordor postfix/smtp[287549]: error: open database
/etc/postfix/tls_policy.db: No such file or directory
Dec 23 13:11:32 mordor postfix/smtp[287549]: warning:
hash:/etc/postfix/tls_policy is unavailable. open database
/etc/postfix/tls_policy.db: No such file or directory
Dec 23 13:11:32 mordor postfix/smtp[287549]: warning:
hash:/etc/postfix/tls_policy lookup error for "[smtp.gmail.com]:587"
root@mordor:~#
root@mordor:~# postconf -n | grep tls
smtp_sasl_tls_security_options = noanonymous
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
smtp_tls_CApath = /etc/ssl/certs
smtp_tls_policy_maps = hash:/etc/postfix/tls_policy
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_use_tls = yes
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_security_level = may
root@mordor:~#
I seem to recall needing generate a hash for this .db file, but can't seem
to recall the details. Is that about right?
thanks,
Nick
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
