On Tue, Sep 14, 2010 at 04:06:34PM +0300, Eero Volotinen wrote:
> How to configure postfix only allow tlsv1 connections (no plaintext
> allowed) from defined ip ranges? three hosts are needed to communicate
> smarthost with tlsv1 only?
The Postfix SMTP server has no per-client TLS cipher/protocol policy. The
reasons are described in:
http://www.postfix.org/TLS_README.html#client_tls_limits
TLS security policy is left primarily to the client. You can configure a
custom SMTP listener that only offers TLSv1 and imposes other appropriate
restrictions, and configure the clients in question to send mail into that
custom listener (ip:port).
--
Viktor.
