wie...@porcupine.org (Wietse Venema) writes: > Eric Abrahamsen: >> > TLS? In that case you also need two tlsproxy services, each with >> > their own certificate stuff. >> > >> > 1.2.3.5:smtp inet n - n - 1 postscreen >> > -o tlsproxy_service_name=tlsproxy_1.2.3.5 >> > -o smtpd_service_name=smtpd_1.2.3.5 >> > -o syslog_name=postfix/1.2.3.5 >> > smtpd_1.2.3.5 pass - - n - - smtpd >> > -o syslog_name=postfix/1.2.3.5 >> > tlsproxy_1.2.3.5 ...other master settings... >> > -o syslog_name=postfix/1.2.3.5 >> > ...certificate stuff... >> >> Yes, that was the whole point of this! Thanks for the extra notes. I've >> had things running for the past day or so without the separate tlsproxy >> services, and haven't noticed any immediately obvious errors in the >> logs. On the other hand, I *have* noticed an increase in spam, so >> probably it hasn't been working after all! I'll tweak further tonight. >> >> Is this particular setup detailed in the docs anywhere? It seems like >> something a fair number of people will be interested in. I can do some >> sort of blog post, but I don't know how many people it would reach. > > The "-o <service>_name" feature works, but it quickly becomes > unwieldy with more comples configurations. For complex setups, > separate Postfix instances are a more manageable solution than a > web of -o options. Unfortunately some distros don't handle multiple > Postfix instance support well.
Okay, got it. My setup is fairly simple, so I'll stick with this for now. Thanks again, Eric
