On Apr 16, 2012, at 12:01, Mark Constable wrote: > I managed to get multiple SSL certs working on multiple virtual > IPs on the same server so vhost domains appeared to be completely > independent from the base server. I'd like an opinion as to whether > this is the right or best way to do this... domain1.com = 12.34.56.78 > > /etc/postfix/master.cf > > 12.34.56.78:smtps inet n - - - - smtpd > -o myhostname=domain1.com > -o smtpd_tls_wrappermode=yes > -o smtpd_client_restrictions=permit_sasl_authenticated,reject > -o milter_macro_daemon_name=ORIGINATING > -o smtpd_tls_cert_file=/etc/postfix/domain1.com.crt > -o smtpd_tls_key_file=/etc/postfix/domain1.com.key > -o smtpd_tls_CAfile=/etc/postfix/domain1.com.ca > > 12.34.56.78- unix - n n - - smtp > -o smtp_bind_address=12.34.56.78 > -o smtp_bind_address6= > -o smtp_address_preference=ipv4 > > The above seems to work for clients when sending out mail via SSL > port 465 and the recipients mail shows nothing to do with the base > server and it's real hostname. Very cool. > > However a connecting MTA on port 25 still gets a 220 realhostname > when connecting to 12.34.56.78 so would this work? > > 12.34.56.78:smtp inet n - - - - smtpd > -o myhostname=domain1.com > > Any thoughts or suggestions on how to improve this strategy?
I would not bother with prettifying headers or SMTP transaction output that is generally only seen by automated systems, but if there's a business reason why you would need this, have a look at the multi-instance documentation; http://www.postfix.org/MULTI_INSTANCE_README.html Cya, Jona
