On Tue, Oct 17, 2017 at 11:03:46PM -0400, J Doe wrote:
> “The [] enclose a hostname which is to be looked up as a type A or
> AAAA record. Without the [] first a lookup of type MX is done, and
> where found, prioritized lookups of further hostnames (A or AAAA)
> would be done.
That's what they mean as a nexthop destination via the transport
table or similar.
> This is not specific to TLS, it is common to transport(5) and many
> similar Postfix features.
The documentation for the TLS policy table clearly states that the
lookup key for the TLS policy is the *verbatim* nexthop.
So if the transport table reads:
example.com smtp:[smtp.example.com]:smtp
Then the TLS policy entry for that would have to be:
[smtp.example.com]:smtp ...
exactly as specified in the transport table, or actual source
of nexthop information.
--
Viktor.
