From c6ac6ed9545e12fb3e4c938214dd34da828e80c5 Mon Sep 17 00:00:00 2001 From: Stoiko Ivanov Date: Wed, 18 Mar 2020 11:23:46 +0100 Subject: [PATCH] Add tls options for lmtp to main.cf template With the addition of supporting lmtp as downstream server, we should also set the relevant configuration options if TLS support is enabled. (postfix does not use the smtp settings for lmtp) Tested by sending a few mails to a downstream lmtp-server (dovecot) and comparing the traffic with tcpdump/wireshark Signed-off-by: Stoiko Ivanov Reviewed-By: Dominik Csapak --- src/templates/main.cf.in | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/templates/main.cf.in b/src/templates/main.cf.in index 1526709..190c913 100644 --- a/src/templates/main.cf.in +++ b/src/templates/main.cf.in @@ -109,9 +109,14 @@ smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt smtpd_tls_security_level = may smtpd_tls_cert_file = /etc/pmg/pmg-tls.pem smtpd_tls_key_file = $smtpd_tls_cert_file + +lmtp_tls_security_level = $smtp_tls_security_level +lmtp_tls_policy_maps = $smtp_tls_policy_maps +lmtp_tls_CAfile = $smtp_tls_CAfile [% IF pmg.mail.tlslog %] smtpd_tls_loglevel = 1 smtp_tls_loglevel = 1 +lmtp_tls_loglevel = $smtp_tls_loglevel [% END %] [% IF pmg.mail.tlsheader %] smtpd_tls_received_header = yes @@ -120,6 +125,7 @@ smtpd_tls_received_header = yes smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_tls_session_cache +lmtp_tls_session_cache_database = btree:/var/lib/postfix/lmtp_tls_session_cache [% IF pmg.mail.hide_received %] unverified_recipient_reject_reason = Recipient address lookup failed -- 2.39.2