On Fri, 11 Jul 2014 11:29:11 +0200 Robert Schetterer <r...@sys4.de> wrote:
>Am 11.07.2014 11:10, schrieb BlueStar88: >> I'd like to setup a Trusted-only MTA for a special domain. > >if you have both servers under your control you may always cover con by >vpn, and use special transport ,additional to postfix secure features Hello Robert, yes, I do this already between my own servers. ;-) My point is, to roll out internet reachable special domains, with having security features enabled to their full extend. This covers perfect inbound handling as well. Postfix does already fully qualified certificate checks on inbound connections, but I can't make any use of it. Well, except realtime log file parsing (looking for "Trusted TLS connection established from...") and taking whatever action thereafter. Best would be, if Postfix simply rejects inbound TLS connections, which are not reaching the given security level. Regards BlueStar88
signature.asc
Description: PGP signature
