Viktor Dukhovni:
> On Sun, Aug 08, 2021 at 10:50:48AM -0400, Wietse Venema wrote:
>
> > I suppose that each client certificate will be valid only with a
> > specific host, so you would have to update the sender_transport
> > table to return a transport:nexthop result.
>
> FWIW, the OP's question was:
I would like to know how Postfix handles client certificates
for delivery i.e. when it makes a remote connection to deliver
email.
> Is it possible to control the certificate that is used per domain?
>
> If per-domain means per destination nexthop regardless of sender, the
> configuration would be simpler. Assuming just a small number of client
> certs, just configure a separate transport for each client cert, and use
> transport_maps to map the domain in question to that transport.
The question as posed previously in off-list email:
Is it possible to control the certificate that is used per email
/ per customer?
So we know that "customer" means "domain", and "certificate" means
"client certificate". We don't know if "domain" is sender or recipient.
Wietse
