The TLS level is now a paremeter everywhere.
This commit is contained in:
parent
05e4cb9478
commit
f6dcee2182
|
|
@ -27,7 +27,7 @@ postfix_tls_dhparam_file: /etc/postfix/dhparam.pem
|
||||||
# Accepted values: none, may, encrypt
|
# Accepted values: none, may, encrypt
|
||||||
postfix_smtpd_tls_security_level: encrypt
|
postfix_smtpd_tls_security_level: encrypt
|
||||||
# Accepted values: none, may, encrypt, fingerprint, verify, secure. And from 2.11: dane, dane-only
|
# Accepted values: none, may, encrypt, fingerprint, verify, secure. And from 2.11: dane, dane-only
|
||||||
postfix_smtp_tls_security_level: encrypt
|
postfix_smtp_tls_security_level: may
|
||||||
postfix_use_sasl_auth: True
|
postfix_use_sasl_auth: True
|
||||||
postfix_smtp_sasl_auth_enable: "yes"
|
postfix_smtp_sasl_auth_enable: "yes"
|
||||||
postfix_smtp_create_relay_user: True
|
postfix_smtp_create_relay_user: True
|
||||||
|
|
|
||||||
|
|
@ -16,7 +16,7 @@ smtp inet n - n - - smtpd
|
||||||
{% if postfix_smtpd_server %}
|
{% if postfix_smtpd_server %}
|
||||||
submission inet n - n - - smtpd
|
submission inet n - n - - smtpd
|
||||||
-o syslog_name=postfix/submission
|
-o syslog_name=postfix/submission
|
||||||
-o smtpd_tls_security_level=encrypt
|
-o smtpd_tls_security_level={{ postfix_smtpd_tls_security_level }}
|
||||||
{% if postfix_use_letsencrypt %}
|
{% if postfix_use_letsencrypt %}
|
||||||
-o smtpd_tls_cert_file={{ letsencrypt_acme_certs_dir }}/cert
|
-o smtpd_tls_cert_file={{ letsencrypt_acme_certs_dir }}/cert
|
||||||
-o smtpd_tls_key_file={{ letsencrypt_acme_certs_dir }}/privkey
|
-o smtpd_tls_key_file={{ letsencrypt_acme_certs_dir }}/privkey
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue