Add postfix-mta-sts-resolver

2022-07-17 23:10:33 +02:00 · 2022-07-17 23:10:33 +02:00 · bb247d295c
parent dfd529059f
commit bb247d295c
2 changed files with 2 additions and 1 deletions
--- a/etc_clearnet_proxy/postfix/main.cf
+++ b/etc_clearnet_proxy/postfix/main.cf
@ -32,6 +32,7 @@ smtpd_tls_mandatory_exclude_ciphers = aNULL MD5 SHA CAMELLIA AES+SHA256 AES+SHA3
 smtp_tls_mandatory_exclude_ciphers = aNULL MD5 SHA CAMELLIA AES+SHA256 AES+SHA384
 tls_preempt_cipherlist = yes
 sender_dependent_default_transport_maps = proxy:mysql:/etc/postfix/sql/mysql_tls_policy_out.cf
+smtp_tls_policy_maps = socketmap:inet:127.0.0.1:8461:postfix
 smtp_tls_security_level = dane
 smtpd_tls_security_level = encrypt
 smtp_tls_CApath = /etc/ssl/certs
--- a/install_binaries_proxy.sh
+++ b/install_binaries_proxy.sh
@ -5,4 +5,4 @@ export LANG=C.UTF-8
 export PATH="/usr/local/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbin:/sbin"
 # install all required packages
 DEBIAN_FRONTEND=noninteractive apt-get update
-DEBIAN_FRONTEND=noninteractive apt-get --no-install-recommends install -y bash-completion bind9 ca-certificates coturn curl git gnupg haveged iptables libsasl2-modules logrotate lsb-release nano nginx openssl postfix postfix-mysql vim wget wireguard wireguard-tools
+DEBIAN_FRONTEND=noninteractive apt-get --no-install-recommends install -y bash-completion bind9 ca-certificates coturn curl git gnupg haveged iptables libsasl2-modules logrotate lsb-release nano nginx openssl postfix postfix-mysql postfix-mta-sts-resolver vim wget wireguard wireguard-tools