Hi Wietse On Tue, 05 Apr 2011 22:07 -0400, "Wietse Venema" <wie...@porcupine.org> wrote: > Postscreen is an additional line of defense. It does not replace > the other Postfix features, but rather, it aims to reduce the > pressure on those features.
Okay. Is that "doesn't replace" true for all its functions? Specifically, re: TLS, I see that postscreen supports STARTTLS connections. Is that TLS handshake 'sufficient' then for other step in the mail delivery path, or will subsequent Postfix instances (e.g., inbound pre-filter, outbound post-filter), each also need TLS configuration paramaters? I like the concept of the MultiInstance setup -- each piece of the puzzle being cleanly configured to do "its thing" well, but I'm still a bit foggy on how much config needs to be replicated. Thanks DChil
