How to use and enforce TLS in all outgoing messages from PMG to another relay host

N

Nariman

Member
Nov 11, 2017
1
0
6
41
Hello there,
I am going to use PMG as internal relay host to receive and concentrate email notifications from few services and send them to our mail server (hosted somewhere in internet). i have uploaded a valid cert and its key but it seems PMG is not using that for outgoing connections.
can anyone guide me what exactly need to be done to use TLS in outgoing direction ?
 
pmg uses opportunistic tls if you enable tls under configuration -> mailproxy -> tls (meaning it's encrypted if both sides can)
there you can also define tls policies for specific transports

if you want to set a global policy, you have to modify the postfix config by adapting the template
http://www.postfix.org/TLS_README.html
https://pmg.proxmox.com/pmg-docs/pmg-admin-guide.html#pmgconfig_template_engine

in any case, i would not recommend to enforce encryption for all outgoing mails, since many mail servers on the internet still cannot encrypt or are not up-to-date enough for e.g. tls 1.0
 
  • Like
Reactions: zw1d
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom