On 11/19/2010 09:59 PM, Jerry wrote:
If I were to place this in my main.cf file:smtpd_client_restrictions = ... reject_plaintext_session Wouldn't that effectively enforce TLS or am I failing to understand the directive?
Yes.
To enforce TLS, use
smtpd_tls_security_options = encrypt
If you were to add reject_plaintext_session to your *client*
restrictions, any attempt at STARTTLS would fail, and you would never
receive mail.
-- J.
