Enable dual use of RSA and ECDSA certificates
for submission und smtp port
This commit is contained in:
parent
111a1c05ab
commit
45c7bf0c50
1 changed files with 12 additions and 8 deletions
|
@ -17,15 +17,17 @@ tlsproxy unix - - y - 0 tlsproxy
|
|||
smtps inet n - y - 100 smtpd
|
||||
-o syslog_name=postfix/smtps
|
||||
-o smtpd_tls_wrappermode=yes
|
||||
{% if postfix_smtpd_tls_cert_file is defined %}
|
||||
-o smtpd_tls_cert_file={{ postfix_submission_smtpd_tls_cert_file }}
|
||||
{% endif %}
|
||||
{% if postfix_smtpd_tls_key_file is defined %}
|
||||
-o smtpd_tls_key_file={{ postfix_submission_smtpd_tls_key_file }}
|
||||
{% endif %}
|
||||
{% if postfix_submission_smtpd_tls_eccert_file is defined %}
|
||||
-o smtpd_tls_eccert_file={{ postfix_submission_smtpd_tls_eccert_file }}
|
||||
{% else %}
|
||||
-o smtpd_tls_cert_file={{ postfix_submission_smtpd_tls_cert_file }}
|
||||
{% endif %}
|
||||
{% if postfix_submission_smtpd_tls_eckey_file is defined %}
|
||||
-o smtpd_tls_eckey_file={{ postfix_submission_smtpd_tls_eckey_file }}
|
||||
{% else %}
|
||||
-o smtpd_tls_key_file={{ postfix_submission_smtpd_tls_key_file }}
|
||||
{% endif %}
|
||||
-o smtpd_tls_dh1024_param_file={{ dhparam_file }}
|
||||
-o smtpd_tls_mandatory_protocols=!TLSv1,!TLSv1.1
|
||||
|
@ -40,15 +42,17 @@ smtps inet n - y - 100 smtpd
|
|||
submission inet n - y - - smtpd
|
||||
-o syslog_name=postfix/submission
|
||||
-o smtpd_tls_security_level=encrypt
|
||||
{% if postfix_smtpd_tls_cert_file is defined %}
|
||||
-o smtpd_tls_cert_file={{ postfix_submission_smtpd_tls_cert_file }}
|
||||
{% endif %}
|
||||
{% if postfix_smtpd_tls_key_file is defined %}
|
||||
-o smtpd_tls_key_file={{ postfix_submission_smtpd_tls_key_file }}
|
||||
{% endif %}
|
||||
{% if postfix_submission_smtpd_tls_eccert_file is defined %}
|
||||
-o smtpd_tls_eccert_file={{ postfix_submission_smtpd_tls_eccert_file }}
|
||||
{% else %}
|
||||
-o smtpd_tls_cert_file={{ postfix_submission_smtpd_tls_cert_file }}
|
||||
{% endif %}
|
||||
{% if postfix_submission_smtpd_tls_eckey_file is defined %}
|
||||
-o smtpd_tls_eckey_file={{ postfix_submission_smtpd_tls_eckey_file }}
|
||||
{% else %}
|
||||
-o smtpd_tls_key_file={{ postfix_submission_smtpd_tls_key_file }}
|
||||
{% endif %}
|
||||
-o smtpd_tls_dh1024_param_file={{ dhparam_file }}
|
||||
-o smtpd_client_restrictions=$submission_bad_smtp_user_check,permit_sasl_authenticated,reject
|
||||
|
|
Loading…
Reference in a new issue