[pmg-devel] applied-series: [PATCH pmg-api/pmg-gui v2 0/5] expand TLS Destination Policy and improve lmtp downstream handling

Thomas Lamprecht t.lamprecht at proxmox.com
Tue Mar 24 13:40:35 CET 2020


On 3/18/20 11:23 AM, Stoiko Ivanov wrote:
> changes v1->v2:
> * incorporated Dominik's feedback w.r.t. the optional 'ipv6:' prefix for
>   literal ipv6 addresses (both for 'transport' and 'tls_policy' - huge thanks!
> * while testing noted that the rendering of transports with literal ipv6
>   addresses was wrong in case the downstream protocol was 'lmtp'
> * while testing setting tls policies for lmtp noticed that postfix has
>   distinct configuration parameters for lmtp and tls support - added those
>   to the main.cf.in template (explicitly setting them to the value for the
>   smtp client)
> * fixed an oversight in regex subexpression matching
> 
> cover-letter of v1:
> The following patchset addresses #1948, and allows users to specify next-hop
> destinations (as defined in the transports (5) table) in additions to domains
> in the tls_policy table. This is needed if you want to set a specific TLS
> policy for a downstream server (from PMG's perspective) - e.g. if you need
> to ensure encrypted communication with your mailserver (or if your mailservers'
> TLS implementation is a broken or outdated and you need to disable TLS for it)
> 
> The minimal fix is contained in the first patch for pmg-api.
> 
> The remaining patches rename the used 'domain' property into 'destination',
> since it's more fitting. I tried to maintain backward compatibility on the API
> level - but would be grateful for suggestions of alternatives.
> 
> 

applied series, with Dominik's R-b and a followup for patch 1/5.
Thanks!



More information about the pmg-devel mailing list