[pmg-devel] [PATCH pmg-docs 1/2] add short documentation for /etc/pmg/tls_policy

Stoiko Ivanov s.ivanov at proxmox.com
Wed Sep 26 17:57:25 CEST 2018

Signed-off-by: Stoiko Ivanov <s.ivanov at proxmox.com>
 asciidoc/asciidoc-pmg.conf |  1 +
 pmgconfig.adoc             | 12 ++++++++++--
 2 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/asciidoc/asciidoc-pmg.conf b/asciidoc/asciidoc-pmg.conf
index 3f49d0f..278ffca 100644
--- a/asciidoc/asciidoc-pmg.conf
+++ b/asciidoc/asciidoc-pmg.conf
@@ -11,6 +11,7 @@ manmanual=Proxmox Mail Gateway Documentation
+postfix_tls_readme=http://www.postfix.org/TLS_README.html[Postfix TLS Readme]
diff --git a/pmgconfig.adoc b/pmgconfig.adoc
index 2e8c16c..1db3049 100644
--- a/pmgconfig.adoc
+++ b/pmgconfig.adoc
@@ -89,6 +89,10 @@ List of local (trusted) networks.
 Stores your subscription key and status.
+TLS policy for outbound connections.
 Message delivery transport setup.
@@ -324,9 +328,13 @@ the information that is transmitted with SMTP mail. When you activate
 TLS, {pmg} automatically generates a new self signed
 certificate for you (`/etc/pmg/pmg-tls.pem`).
-{pmg} uses opportunistic TLS encryption. The SMTP transaction is
+{pmg} uses opportunistic TLS encryption by default. The SMTP transaction is
 encrypted if the 'STARTTLS' ESMTP feature is supported by the remote
-server. Otherwise, messages are sent in the clear.
+server.  Otherwise, messages are sent in the clear.
+You can set a different TLS policy per desitination domain, should you for
+example need to prevent e-mail delivery without encryption, or to work around
+a broken 'STARTTLS' ESMTP implementation. See {postfix_tls_readme} for details
+on the supported policies.
 Enable TLS logging::

More information about the pmg-devel mailing list