I am trying to configure postfix to disable TLS for a specific remote smtp server that serves for multiple recipient domains.
I have set up a policy map that already contains some entries for specific recipient domains that work fine. But ist there a way to configure postfix to disable TLS for a remote smtp server regardless of what domains are hosted there?
I have tried quite a few entries in my TLS policy map file but without any success. I tried:
- smtp.server.com none
- [smtp.server.com] none
- smtp.server.com:25 none
- [smtp.server.com]:25 none
- 12.23.34.45 none
- [12.23.34.45] none
- 12.23.34.45:25 none
- [12.23.34.45]:25 none
btw: yes, I postmapped the modified policy file 🙂
Still postfix tries to relay to that host using a TLS connection. As soon as I configure a specific recipient domain delivered via this mx, things work fine and no TLS connection is established. But since there are hundreds of recipient domains on the remote host, I cannot configure all of them in my policy 🙂
Any suggestions? Thanks in advance!
Best regards
Best Answer
As documented in http://www.postfix.org/TLS_README.html#client_tls_policy, a hostname or IP enclosed in square brackets is not resolved to an MX; it is assumed to be the MX.
Please provide postmap -q output for this map, and log entries that show what goes wrong.