[pmg-devel] [PATCH pmg-api v2 5/5] Add tls options for lmtp to main.cf template
Stoiko Ivanov
s.ivanov at proxmox.com
Wed Mar 18 11:23:46 CET 2020
With the addition of supporting lmtp as downstream server, we should also
set the relevant configuration options if TLS support is enabled.
(postfix does not use the smtp settings for lmtp)
Tested by sending a few mails to a downstream lmtp-server (dovecot)
and comparing the traffic with tcpdump/wireshark
Signed-off-by: Stoiko Ivanov <s.ivanov at proxmox.com>
---
src/templates/main.cf.in | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/src/templates/main.cf.in b/src/templates/main.cf.in
index 1526709..190c913 100644
--- a/src/templates/main.cf.in
+++ b/src/templates/main.cf.in
@@ -109,9 +109,14 @@ smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
smtpd_tls_security_level = may
smtpd_tls_cert_file = /etc/pmg/pmg-tls.pem
smtpd_tls_key_file = $smtpd_tls_cert_file
+
+lmtp_tls_security_level = $smtp_tls_security_level
+lmtp_tls_policy_maps = $smtp_tls_policy_maps
+lmtp_tls_CAfile = $smtp_tls_CAfile
[% IF pmg.mail.tlslog %]
smtpd_tls_loglevel = 1
smtp_tls_loglevel = 1
+lmtp_tls_loglevel = $smtp_tls_loglevel
[% END %]
[% IF pmg.mail.tlsheader %]
smtpd_tls_received_header = yes
@@ -120,6 +125,7 @@ smtpd_tls_received_header = yes
smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache
smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_tls_session_cache
+lmtp_tls_session_cache_database = btree:/var/lib/postfix/lmtp_tls_session_cache
[% IF pmg.mail.hide_received %]
unverified_recipient_reject_reason = Recipient address lookup failed
--
2.20.1
More information about the pmg-devel
mailing list