Hi,
I am using an SMTP relay server with CentOS 6.3,
postfix-2.10.0-1.el6.x86_64 and TLS configuration.
How can I relay only a specific domain's email over TLS and all
other email on port 25 as normal, i.e. without TLS?
The requirement is :--
---------------------------
1) Send the outgoing emails to domain1.com only on TLS.
2) Send all other email on port 25, i.e. without TLS. The reason for
this is to allow packet monitoring of all other outgoing emails with
a 3rd party application.
Changes made :--
----------------------
For the 1st requirement, I made the changes below in main.cf. With these,
mail relay over TLS for domain1.com is working properly.

transport_maps = hash:/etc/postfix/tls_enable_domain
smtp_tls_policy_maps=hash:/etc/postfix/tls_policy
smtp_use_tls = yes

[root@smtp1 ~]# cat /etc/postfix/tls_enable_domain
.domain1.com smtp:[mx1.domain1.com]
domain1.com smtp:[mx1.domain1.com]

[root@smtp1 ~]# cat /etc/postfix/tls_policy
mx1.domain1.com secure match=mx1.domain1.com

Problem :--
--------------
1) With the above changes, all other emails are also going out with TLS,
and it's because of "smtp_use_tls = yes".
Example: While sending email to Gmail.com, it's getting relayed over TLS
(the header shows the same).
2) To address this I tried another method, shown below. But with this
config, emails are not getting delivered to domain1.com over TLS,
whereas all other emails are getting delivered on port 25, i.e. without TLS.

In main.cf:

transport_maps = hash:/etc/postfix/tls_enable_domain
smtp_tls_policy_maps=hash:/etc/postfix/tls_policy
smtp_use_tls = no

In master.cf:

securetls unix - - n - - smtp
-o securetls_tls_security_level = may
-o securetls_use_tls = yes
-o securetls_tls_CAfile = /etc/postfix/CA_Bundle.pem

[root@smtp1 ~]# cat /etc/postfix/tls_policy
mx1.domain1.com secure match=mx1.domain1.com

[root@smtp1 ~]# cat /etc/postfix/tls_enable_domain
.domain1.com securetls:[mx1.domain1.com]
domain1.com securetls:[mx1.domain1.com]

Please guide.
Regards
Jayesh Shinde
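
Added example (not part of the original message): a Python audit of the two lookup tables posted above, following the documented Postfix rule that smtp_tls_policy_maps is searched with the full next-hop exactly as written in the transport table, square brackets included. The function names and the `default` argument (standing in for the global smtp_tls_security_level) are assumptions made for this example.

```python
# Constructed inputs: the two lookup tables as posted in the message above.
TRANSPORT = """\
.domain1.com smtp:[mx1.domain1.com]
domain1.com smtp:[mx1.domain1.com]
"""
TLS_POLICY = """\
mx1.domain1.com secure match=mx1.domain1.com
"""

def parse_map(text):
    """Parse 'key value...' lines of a Postfix lookup table source file."""
    table = {}
    for line in text.splitlines():
        parts = line.strip().split(None, 1)
        if len(parts) == 2 and not parts[0].startswith("#"):
            table[parts[0].lower()] = parts[1].strip()
    return table

def policy_level(policy, nexthop, default):
    """Return (level, matched_key) for one next-hop destination."""
    key = nexthop.lower()
    if key in policy:
        return policy[key].split()[0], key
    # Explicit next-hops ([host], [host]:port, host:port) get one lookup only.
    if key.startswith("[") or ":" in key:
        return default, None
    # Plain domains also try parent domains written with a leading dot.
    while "." in key[1:]:
        key = key[key.index(".", 1):]
        if key in policy:
            return policy[key].split()[0], key
    return default, None

def audit(transport_text, policy_text, default):
    """Map each transport entry to the TLS level its next-hop would get."""
    policy = parse_map(policy_text)
    report = {}
    for domain, target in parse_map(transport_text).items():
        # 'transport:nexthop'; an empty nexthop means the recipient domain.
        nexthop = target.partition(":")[2] or domain
        report[domain] = policy_level(policy, nexthop, default)
    return report

if __name__ == "__main__":
    # default="none" models a global setting that disables TLS.
    for domain, (level, key) in audit(TRANSPORT, TLS_POLICY, "none").items():
        print(f"{domain:15} -> {level:7} (policy key: {key})")
```

A result of `(default, None)` means no policy entry matched, so that destination silently gets the global level; on a live host, `postmap -q "[mx1.domain1.com]" hash:/etc/postfix/tls_policy` performs the same exact-key lookup.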