~dricottone/container-images

5e6531c821b9b67bbe6876037cb6376e4012d5eb — Dominic Ricottone 1 year, 5 months ago d7b52b6
Fix encryption setup

Configuration was a bit confused on account of running both SMTPD and
Submission ports. I am going to prefer port 465 with implicit TLS, and
to correctly support that mode I am setting wrapper mode on.
3 files changed, 3 insertions(+), 1 deletions(-)

M postfix/main.cf
M postfix/main.cf.tls-in
M postfix/master.cf
M postfix/main.cf => postfix/main.cf +1 -0
@@ 39,6 39,7 @@ smtpd_sasl_security_options = noanonymous
smtpd_sasl_service = smtpd
smtpd_sasl_tls_security_options = noanonymous
smtpd_tls_auth_only = yes
smtpd_tls_wrappermode=yes

# Encryption
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt

M postfix/main.cf.tls-in => postfix/main.cf.tls-in +1 -0
@@ 37,6 37,7 @@ smtpd_sasl_security_options = noanonymous
smtpd_sasl_service = smtpd
smtpd_sasl_tls_security_options = noanonymous
smtpd_tls_auth_only = yes
smtpd_tls_wrappermode=yes

# Encryption
smtpd_tls_chain_files = /var/letsencrypt/chain.pem

M postfix/master.cf => postfix/master.cf +1 -1
@@ 14,7 14,7 @@ smtp      inet  n       -       n       -       -       smtpd
#smtpd     pass  -       -       n       -       -       smtpd
#dnsblog   unix  -       -       n       -       0       dnsblog
#tlsproxy  unix  -       -       n       -       0       tlsproxy
submission inet n       -       n       -       -       smtpd
#submission inet n       -       n       -       -       smtpd
#  -o syslog_name=postfix/submission
#  -o smtpd_tls_security_level=encrypt
#  -o smtpd_sasl_auth_enable=yes