[pmg-devel] [PATCH pmg-api v2 5/5] Add tls options for lmtp to main.cf template

Stoiko Ivanov s.ivanov at proxmox.com
Wed Mar 18 11:23:46 CET 2020


With the addition of supporting lmtp as downstream server, we should also
set the relevant configuration options if TLS support is enabled.
(postfix does not use the smtp settings for lmtp)

Tested by sending a few mails to a downstream lmtp-server (dovecot)
and comparing the traffic with tcpdump/wireshark

Signed-off-by: Stoiko Ivanov <s.ivanov at proxmox.com>
---
 src/templates/main.cf.in | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/templates/main.cf.in b/src/templates/main.cf.in
index 1526709..190c913 100644
--- a/src/templates/main.cf.in
+++ b/src/templates/main.cf.in
@@ -109,9 +109,14 @@ smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
 smtpd_tls_security_level = may
 smtpd_tls_cert_file = /etc/pmg/pmg-tls.pem
 smtpd_tls_key_file = $smtpd_tls_cert_file
+
+lmtp_tls_security_level = $smtp_tls_security_level
+lmtp_tls_policy_maps = $smtp_tls_policy_maps
+lmtp_tls_CAfile = $smtp_tls_CAfile
 [% IF pmg.mail.tlslog %]
 smtpd_tls_loglevel = 1
 smtp_tls_loglevel = 1
+lmtp_tls_loglevel = $smtp_tls_loglevel
 [% END %]
 [% IF pmg.mail.tlsheader %]
 smtpd_tls_received_header = yes
@@ -120,6 +125,7 @@ smtpd_tls_received_header = yes
 
 smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache
 smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_tls_session_cache
+lmtp_tls_session_cache_database = btree:/var/lib/postfix/lmtp_tls_session_cache
 
 [% IF pmg.mail.hide_received %]
 unverified_recipient_reject_reason = Recipient address lookup failed
-- 
2.20.1




More information about the pmg-devel mailing list