Stefan Bauer:
> Hi,
>
> is there a way to specify on a per user basis (sasl authenticated user) if
> TLS should be none or may or encrypted for a specific recipient domain?
There is no "per-recipient map" version for Postfix SMTP client
parameters (or most other parameters). It does not make sense,
because
- One message may have multiple recipients.
- One connection may deliver multiple messages.
- TLS is a connection property, not a recipient property.
Instead, you can use transport_maps to choose between different
Postfix SMTP clients (with different configurations) based on the
recipient address or domain.
You can use the access map or header/body_checks FILTER action
("FILTER name-of-transport:", without a domain after the ":") to
choose delivery methods based on other message properties, with
some loss of elegance.
> I would like to have the user to decide if his mail to a specific domain
> should be TLS encrypted and then maybe bounce back but let other users
> mails to same destination domain go ahead with a may or none.
That should be possible: use the transport_maps to choose between
one Postfix SMTP client that requires TLS, and one Postfix SMTP
client that does not. This should even work when an encrypted
connection is reused (smtp_tls_connection_reuse = yes).
Wietse
