We have been requested to setup a TLS enforcement policy for one of our
clients to pass a security review.
The policy would require that certain client connections be forced to use
TLS to allow mail to be accepted.
These connections would be pre-determined routes - by IP address or Hostname
- from a table or a possibly DNS lookup.
We are only in control of one side of the communication.
It looks as if we can control the outbound via "smtp_tls_policy_maps" and
force the encryption
However for incoming mail it looks like "smtpd_tls_security_level" it is all
or none on enforcement of encryption.
Does such a control exist?
Thanks,
Kevin Coveney
