Enable TLS connection also for SASL auth instances
This commit is contained in:
parent
be37afb7c5
commit
1e141ca6e2
1 changed files with 4 additions and 1 deletions
|
@ -49,7 +49,9 @@ smtpd_tls_loglevel = 1
|
||||||
smtpd_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
|
smtpd_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
|
||||||
smtpd_tls_dh1024_param_file = {{ postfix_dhparam_file }}
|
smtpd_tls_dh1024_param_file = {{ postfix_dhparam_file }}
|
||||||
smtpd_tls_eecdh_grade = strong
|
smtpd_tls_eecdh_grade = strong
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
{% if postfix_type == "internet" or postfix_smtp_sasl_auth_enabled is defined and postfix_smtp_sasl_auth_enabled %}
|
||||||
### TLS settings for SMTP client
|
### TLS settings for SMTP client
|
||||||
smtp_tls_security_level = dane
|
smtp_tls_security_level = dane
|
||||||
smtp_dns_support_level = dnssec
|
smtp_dns_support_level = dnssec
|
||||||
|
@ -158,7 +160,8 @@ smtpd_sasl_exceptions_networks = {{ postfix_smtpd_sasl_exceptions_networks | joi
|
||||||
### SMTP Auth client side
|
### SMTP Auth client side
|
||||||
smtp_sasl_auth_enable = yes
|
smtp_sasl_auth_enable = yes
|
||||||
smtp_sasl_auth_soft_bounce = no
|
smtp_sasl_auth_soft_bounce = no
|
||||||
smtp_sasl_password_maps = cdb:{{ postfix_conf_dir }}/smtp_sasl_auth_password
|
smtp_sasl_password_maps =
|
||||||
|
cdb:{{ postfix_conf_dir }}/smtp_sasl_auth_password_maps
|
||||||
smtp_sasl_security_options = noanonymous
|
smtp_sasl_security_options = noanonymous
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue