With the addition of supporting lmtp as downstream server, we should also
set the relevant configuration options if TLS support is enabled.
(postfix does not use the smtp settings for lmtp)
Tested by sending a few mails to a downstream lmtp-server (dovecot)
and comparing the traffic with tcpdump/wireshark
Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
Reviewed-By: Dominik Csapak <d.csapak@proxmox.com>
smtpd_tls_security_level = may
smtpd_tls_cert_file = /etc/pmg/pmg-tls.pem
smtpd_tls_key_file = $smtpd_tls_cert_file
smtpd_tls_security_level = may
smtpd_tls_cert_file = /etc/pmg/pmg-tls.pem
smtpd_tls_key_file = $smtpd_tls_cert_file
+
+lmtp_tls_security_level = $smtp_tls_security_level
+lmtp_tls_policy_maps = $smtp_tls_policy_maps
+lmtp_tls_CAfile = $smtp_tls_CAfile
[% IF pmg.mail.tlslog %]
smtpd_tls_loglevel = 1
smtp_tls_loglevel = 1
[% IF pmg.mail.tlslog %]
smtpd_tls_loglevel = 1
smtp_tls_loglevel = 1
+lmtp_tls_loglevel = $smtp_tls_loglevel
[% END %]
[% IF pmg.mail.tlsheader %]
smtpd_tls_received_header = yes
[% END %]
[% IF pmg.mail.tlsheader %]
smtpd_tls_received_header = yes
smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache
smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_tls_session_cache
smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache
smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_tls_session_cache
+lmtp_tls_session_cache_database = btree:/var/lib/postfix/lmtp_tls_session_cache
[% IF pmg.mail.hide_received %]
unverified_recipient_reject_reason = Recipient address lookup failed
[% IF pmg.mail.hide_received %]
unverified_recipient_reject_reason = Recipient address lookup failed