Rob Maidment:
> Looking at the Postfix configuration pages I can see how the
> smtp_tls_policy_maps option can be used to enable verification of
> remote server certificates When Postfix is the client but there
> doesn't seem to be the same level of control over what verification
> takes place exactly.
The map also supports requirements for ciphers and TLS protocols,
which should address most features you missed for sending mail.
Fine-grained control over clients is not implemented. Viktor can
explain why Postfix doesn't go much beyond reject_plaintext_session.
Wietse
