> On Sep 9, 2018, at 9:46 AM, Stefan Bauer <cubew...@googlemail.com> wrote:
>
> I like the option smtp_tls_note_starttls_offer = yes
> but when a host is logged, it's hard to keep track to which recipient
> domain that host belong without doing dns-lookups against all listed
> in smtp_tls_policy_maps.
Well, TLS is by nexthop domain not recipient domain. Typically the
nexthop domain is the recipient domain, but with "relayhost" or
other transport overrides, they need not be the same. So if your
goal is discover which policy got you there, then you want the
nexthop logged.
If you use the collate.pl script (which may need tweaks to
match the initial boilerplate part of your syslog message format
with the data, hostname, ...) included with the Postfix source
you can see which deliveries correspond to the messages in
question. We could log the nexthop domain in a future release,
this is not an unreasonable request.
--
Viktor.
