Postfix - secure relaying to smarthost
# client TLS parameters | |
smtp_tls_security_level = secure | |
smtp_tls_mandatory_protocols = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1 | |
smtp_tls_mandatory_ciphers = high | |
smtp_tls_cert_file=/etc/letsencrypt/live/XXX/fullchain.pem | |
smtp_tls_key_file=/etc/letsencrypt/live/XXX/privkey.pem | |
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt | |
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache | |
smtp_tls_loglevel = 1 | |
smtp_tls_note_starttls_offer = yes | |
# relay to smarthost | |
relayhost = [XXX]:587 | |
smtp_sasl_auth_enable = yes | |
smtp_sasl_password_maps = hash:/etc/postfix/sasl_password | |
smtp_sasl_tls_verified_security_options = noanonymous |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment