How did I misunderstand the settings if Wietse said that smtp_tls_dane_insecure_mx_policy only defaults to dane, when the smtp_tls_security_level variable is set to dane, else it defaults to may, regardless of the security level returned by smtp_tls_policy_maps?
Either is Wietse wrong or you didn‘t understand me.
> Am 09.02.2025 um 02:53 schrieb Viktor Dukhovni via Postfix-users
> <postfix-users@postfix.org>:
>
> On Sat, Feb 08, 2025 at 04:41:53PM -0500, Wietse Venema via Postfix-users
> wrote:
>
>>
>> smtp_tls_dane_insecure_mx_policy = ${{$smtp_tls_security_level} == {dane} ?
>> {dane} : {may}}
>>
>> I have one question:
>>
>> - Should this expression use the security level from
>> main.cf:smtp_tls_security_level?
>>
>> - Or should it use the actual security level after policy lookup?
>>
>> If the latter, then some code will need to be moved.
>
> I don't see a compelling reason to pay the complexity cost to fine-tune
> this by destination, if absolutely necessary, a destination can be
> mapped to a transport that has a different parameter value.
>
> --
> Viktor.
> _______________________________________________
> Postfix-users mailing list -- postfix-users@postfix.org
> To unsubscribe send an email to postfix-users-le...@postfix.org
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
