On Mon, Aug 19, 2013 at 02:01:41PM +0200, Sig Pam wrote:
> I want to record the usage and not-usage of TLS on in- and outbound SMTP
> Sessions. I succeeded on incoming messages, but failed for outgoing.
The correct solution is to parse the logs. A log parser can
re-assemble the full state of a mail transaction. I've posted a
Perl parser along those lines some time within the last year or so
IIRC.
> smtp inet n - - - - smtpd
> -o content_filter=dfilt:
> -o content_filter=analyze:dummy
> [...]
> analyze unix - n n - 10 pipe
> flags=Rq user=filter null_sender=
> argv=/etc/postfix/before_filter -f ${sender} -- ${recipient}
>
> In conjuction with the main.cf settings
>
> smtpd_tls_received_header = yes
This is hugely inefficient.
You can use smtp_tls_policy_maps to unconditionally require TLS
for some destinations.
--
Viktor.
