How to use and enforce TLS in all outgoing messages from PMG to another relay host

N

Nariman

Member
Nov 11, 2017
1
0
6
42
Hello there,
I am going to use PMG as internal relay host to receive and concentrate email notifications from few services and send them to our mail server (hosted somewhere in internet). i have uploaded a valid cert and its key but it seems PMG is not using that for outgoing connections.
can anyone guide me what exactly need to be done to use TLS in outgoing direction ?
 
pmg uses opportunistic tls if you enable tls under configuration -> mailproxy -> tls (meaning it's encrypted if both sides can)
there you can also define tls policies for specific transports

if you want to set a global policy, you have to modify the postfix config by adapting the template
http://www.postfix.org/TLS_README.html
https://pmg.proxmox.com/pmg-docs/pmg-admin-guide.html#pmgconfig_template_engine

in any case, i would not recommend to enforce encryption for all outgoing mails, since many mail servers on the internet still cannot encrypt or are not up-to-date enough for e.g. tls 1.0
 
  • Like
Reactions: zw1d
You must log in or register to reply here.
Top Bottom