Skip to content

Instantly share code, notes, and snippets.

@brainsik brainsik/main.cf
Created May 1, 2017

Embed
What would you like to do?
Postfix - secure relaying to smarthost
# client TLS parameters
smtp_tls_security_level = secure
smtp_tls_mandatory_protocols = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1
smtp_tls_mandatory_ciphers = high
smtp_tls_cert_file=/etc/letsencrypt/live/XXX/fullchain.pem
smtp_tls_key_file=/etc/letsencrypt/live/XXX/privkey.pem
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_tls_loglevel = 1
smtp_tls_note_starttls_offer = yes
# relay to smarthost
relayhost = [XXX]:587
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_password
smtp_sasl_tls_verified_security_options = noanonymous
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.