bump version to 5.1-4

[pmg-docs.git] / pmgconfig.adoc

diff --git a/pmgconfig.adoc b/pmgconfig.adoc
index 2e8c16cbedbb1660eb5561509c7f5cf5ac4ec62f..a8e55d0a83015375261e9788717e52c3b78e7b59 100644 (file)
--- a/pmgconfig.adoc
+++ b/pmgconfig.adoc
@@ -89,6 +89,10 @@ List of local (trusted) networks.
 
 Stores your subscription key and status.
 
+`/etc/pmg/tls_policy`::
+
+TLS policy for outbound connections.
+
 `/etc/pmg/transports`::
 
 Message delivery transport setup.
@@ -171,6 +175,7 @@ NOTE: Modified templates from `/etc/pmg/templates/` are automatically
 synced from the master node to all cluster members.
 
 
+[[pmgconfig_systemconfig]]
 System Configuration
 --------------------
 
@@ -231,6 +236,7 @@ include::pmg.admin-conf-opts.adoc[]
 Mail Proxy Configuration
 ------------------------
 
+[[pmgconfig_mailproxy_relaying]]
 Relaying
 ~~~~~~~~
 
@@ -243,6 +249,7 @@ using the following configuration keys:
 
 include::pmg.mail-relaying-conf-opts.adoc[]
 
+[[pmgconfig_mailproxy_relay_domains]]
 Relay Domains
 ~~~~~~~~~~~~~
 
@@ -255,6 +262,7 @@ system will relay mail to. The system will reject incoming mails to
 other domains.
 
 
+[[pmgconfig_mailproxy_ports]]
 Ports
 ~~~~~
 
@@ -268,6 +276,7 @@ using the following configuration keys:
 include::pmg.mail-ports-conf-opts.adoc[]
 
 
+[[pmgconfig_mailproxy_options]]
 Options
 ~~~~~~~
 
@@ -281,6 +290,7 @@ using the following configuration keys:
 include::pmg.mail-options-conf-opts.adoc[]
 
 
+[[pmgconfig_mailproxy_transports]]
 Transports
 ~~~~~~~~~~
 
@@ -297,6 +307,7 @@ You can add the IP addresses, hostname and SMTP ports and mail domains (or
 just single email addresses) of your additional e-mail servers.
 
 
+[[pmgconfig_mailproxy_networks]]
 Networks
 ~~~~~~~~
 
@@ -311,6 +322,7 @@ NOTE: Hosts in the same subnet with Proxmox can relay by default and
 it’s not needed to add them in this list.
 
 
+[[pmgconfig_mailproxy_tls]]
 TLS
 ~~~
 
@@ -324,9 +336,13 @@ the information that is transmitted with SMTP mail. When you activate
 TLS, {pmg} automatically generates a new self signed
 certificate for you (`/etc/pmg/pmg-tls.pem`).
 
-{pmg} uses opportunistic TLS encryption. The SMTP transaction is
+{pmg} uses opportunistic TLS encryption by default. The SMTP transaction is
 encrypted if the 'STARTTLS' ESMTP feature is supported by the remote
-server. Otherwise, messages are sent in the clear.
+server.  Otherwise, messages are sent in the clear.
+You can set a different TLS policy per desitination domain, should you for
+example need to prevent e-mail delivery without encryption, or to work around
+a broken 'STARTTLS' ESMTP implementation. See {postfix_tls_readme} for details
+on the supported policies.
 
 Enable TLS logging::
 
@@ -360,6 +376,7 @@ NOTE: If you use a backup MX server (e.g. your ISP offers this service
 for you) you should always add those servers here.
 
 
+[[pmgconfig_spamdetector]]
 Spam Detector Configuration
 ---------------------------
 
@@ -382,6 +399,7 @@ false negatives.
 include::pmg.spam-conf-opts.adoc[]
 
 
+[[pmgconfig_spamdetector_quarantine]]
 Quarantine
 ~~~~~~~~~~
 
@@ -403,9 +421,11 @@ and not in the webinterface.
 include::pmg.spamquar-conf-opts.adoc[]
 
 
+[[pmgconfig_clamav]]
 Virus Detector Configuration
 ----------------------------
 
+[[pmgconfig_clamav_options]]
 Options
 ~~~~~~~
 
@@ -431,6 +451,7 @@ updated. But you can see the database status on the GUI, and you can
 trigger manual updates there.
 
 
+[[pmgconfig_clamav_quarantine]]
 Quarantine
 ~~~~~~~~~~
 
@@ -476,6 +497,7 @@ User Management
 User management in {pmg} consists of three types of users/accounts:
 
 
+[[pmgconfig_localuser]]
 Local Users
 ~~~~~~~~~~~
 
@@ -513,6 +535,7 @@ Local user related settings are saved in `/etc/pmg/user.conf`.
 
 For details of the fields see xref:pmg_user_configuration_file[user.conf]
 
+[[pmgconfig_ldap]]
 LDAP/Active Directory
 ~~~~~~~~~~~~~~~~~~~~~
 
@@ -555,6 +578,7 @@ After a successfull sync, the groups and users should be visible on the web
 interface. After that, you can create rules targeting LDAP users and groups.
 
 
+[[pmgconfig_fetchmail]]
 Fetchmail
 ~~~~~~~~~