I'm enforcing inbound TLS from my internal network with these settings:
main.cf
smtpd_tls_security_level = may
smtpd_sender_restrictions =
check_client_access cidr:/etc/postfix/enforced_inbound_tls.cidr
enforced_inbound_tls.cidr
10.0.0.0/8 reject_plaintext_session
My question is, does the following setting in main.cf apply to tls
connections that are enforced with check_client_access? If yes, then is
there a way to set this to low for a particular IP or subnet, and leave
it to medium for everybody else?
smtpd_tls_mandatory_ciphers = low
