On Wed, Feb 10, 2016 at 05:50:21PM +0000, Eray Aslan wrote:
> I am looking for a quick way to determine whether the client and server
> tls setting are at their default values. Something similar to the
> attached patch perhaps.
>
> Use case: If ssl support is requested by the user, I am hoping to issue
>
> postfix tls all-default-client && postfix tls enable-client
> postfix tls all-default-server && postfix tls enable-server
Well "postfix tls enable-client|server" already checks whether the
key client or server TLS settings are at their defaults, and if
not only suggests recommended settings without making any changes.
Are you looking to avoid the "noisy" suggestions?
The patch looks fine. Wietse may well merge it before 3.1.0 is
done, though we're basically in a code freeze now, so I don't know
whether patches like this violate the requisite discipline.
> and enable tls out of the box during installation.
This is indeed one of the goals of the new feature, but I thought
that for now (and perhaps long-term) this should be left up to
distributions, which install Postfix packages, rather than Postfix
itself.
--
Viktor.
