On Tue, Aug 22, 2017, at 09:36 AM, /dev/rob0 wrote: > See reject_plaintext_session, and in the case as you described, > check_client_access: > > http://www.postfix.org/postconf.5.html#reject_plaintext_session > http://www.postfix.org/postconf.5.html#check_client_access > http://www.postfix.org/access.5.html
Ok, didn't know about reject_plaintext_session so thanks! Based on your comment I found http://postfix.1071664.n5.nabble.com/Server-equivilent-of-smtp-tls-policy-maps-td26112.html that provides the concrete example smtpd_client_restrictions = check_client_access lmdb:/etc/postfix/require_crypt # require_crypt.lmdb example.com reject_plaintext_session So that looks like it should work.
