On Sat, Jul 04, 2015 at 01:53:06PM -0400, Matt Saladna wrote:
> We have a multi-homed server with ~20 IP addresses that listen for incoming
> mail connections. I'd like to setup a personalized SSL certificate for 1 IP
> address over submission (non-SNI). I know this can be accomplished by adding
> a custom service in master.cf that uses smtpd with a sample config "-o
> smtp_bind_address=x.y.z -o smtpd_tls_cert_file=xyz".
The "smtp_bind_address" setting is pointless (has no effect on
smtpd(8)). The actual listen address is the one specified in
master.cf.
> This works, but if I specify 1 service, then I must likewise enumerate all
> remaining IP addresses and define custom smtpd services in master.cf.
This is not necessary, just add a host to /etc/hosts that resolves
to all 19 addresses. Then use that hostname in master.cf. Make
sure you have "multi on" in /etc/hosts.conf (IIRC) on any OS that
needs such a settting to resolve a host to all its /etc/hosts
addresses.
--
Viktor.
