On 02/19/2016 05:01 AM, Viktor Dukhovni wrote:
On Thu, Feb 18, 2016 at 08:16:12PM +0530, Jayesh Shinde wrote:
How to relay only specific domain's email on over TLS and rest all other on
port 25 as normal i.e without TLS ?
Postfix 2.3 .. 2.10:
main.cf:
indexed = ${default_database_type}:${config_directory}/
smtp_tls_security_level = none
smtp_tls_policy_maps = ${indexed}tls-policy
smtp_tls_CAfile = ${config_directory}/CA_Bundle.pem
tls-policy:
example.com secure match=nexthop:dot-nexthop
I am doing this setting for sending email to "aexp.com" .
w.r.t above info and docs i made below setting , but remote host saying
" 530 Must issue a STARTTLS command first."
*
*http://www.postfix.org/postconf.5.html#smtp_tls_security_level
none :-- No TLS. TLS will not be used unless enabled for specific
destinations via smtp_tls_policy_maps.
http://www.postfix.org/postconf.5.html#smtp_tls_policy_maps*
*current config for postfix-2.10.0-1.el6.x86_64 main.cf :--
smtp_tls_security_level = none
smtp_tls_CAfile = /etc/postfix/CA_Bundle.pem
smtp_tls_policy_maps=hash:/etc/postfix/tls_policy
[root@smtp1 postfix]# cat /etc/postfix/tls_policy
aexp.com secure match=wppim001.aexp.com:.wppim001.aexp.com
Feb 19 13:50:43 smtp1 postfix/smtp[20613]: DE8E35FA0F:
to=<usern...@aexp.com>, relay=wppim001.aexp.com[148.173.96.171]:25,
delay=7.8, delays=6.6/0/0.79/0.42, dsn=5.0.0, status=bounced (host
wppim001.aexp.com[148.173.96.171] said: 530 Must issue a STARTTLS
command first. (in reply to MAIL FROM command))
I am missing any config option ?
Regards
Jayesh Shinde
