King0770-Notes-smtp tls policy maps: Difference between revisions

(Created page with "{{Unsupported}}|{{ZCS 8.7}}|{{ZCS 9.0}} {{WIP}} <strong>The contents of this article are not yet complete and should be considered highly experimental.</strong> By default,...")
 
No edit summary
Line 5: Line 5:


By default, Zimbra has never modified smtp_tls_policy_maps, so adding smtp_tls_policy_maps would be considered a custom change. However, using the zimbra account, you could add the following to the /opt/zimbra/conf/zmconfigd.cf file; right above the <strong>RESTART mta</strong> line.
By default, Zimbra has never modified smtp_tls_policy_maps, so adding smtp_tls_policy_maps would be considered a custom change. However, using the zimbra account, you could add the following to the /opt/zimbra/conf/zmconfigd.cf file; right above the <strong>RESTART mta</strong> line.
<pre><code>
<code><pre>
POSTCONF smtp_tls_policy_maps        lmdb:/opt/zimbra/conf/tls_policy
POSTCONF smtp_tls_policy_maps        lmdb:/opt/zimbra/conf/tls_policy
</code></pre>
</pre></code>


Then restart the MTA to pick up the changes.  
Then restart the MTA to pick up the changes.  
<pre><code>
<code><pre>
zmmtactl restart
zmmtactl restart
</code></pre>
</pre></code>


Then check it as the zimbra user...
Then check it as the zimbra user...
<pre><code>
<code><pre>
postconf | grep smtp_tls_policy_maps
postconf | grep smtp_tls_policy_maps
smtp_tls_policy_maps = lmdb:/opt/zimbra/conf/tls_policy      <<== Should see this
smtp_tls_policy_maps = lmdb:/opt/zimbra/conf/tls_policy      <<== Should see this
</code></pre>
</pre></code>


Make sure to run postmap against the /opt/zimbra/conf/tls_policy file; use "lmdb" not "hash"
Make sure to run postmap against the /opt/zimbra/conf/tls_policy file; use "lmdb" not "hash"
<pre><code>
<code><pre>
postmap /opt/zimbra/conf/tls_policy
postmap /opt/zimbra/conf/tls_policy
</code></pre>
</pre></code>


Changes to the zmconfigd.cf will NOT survive upgrades.<br>
Changes to the zmconfigd.cf will NOT survive upgrades.<br>

Revision as of 20:09, 5 December 2017

|ZCS 8.7 Article ZCS 8.7 |ZCS 9.0 Article ZCS 9.0


The contents of this article are not yet complete and should be considered highly experimental.

By default, Zimbra has never modified smtp_tls_policy_maps, so adding smtp_tls_policy_maps would be considered a custom change. However, using the zimbra account, you could add the following to the /opt/zimbra/conf/zmconfigd.cf file; right above the RESTART mta line.

POSTCONF smtp_tls_policy_maps        lmdb:/opt/zimbra/conf/tls_policy

Then restart the MTA to pick up the changes.

zmmtactl restart

Then check it as the zimbra user...

postconf | grep smtp_tls_policy_maps
smtp_tls_policy_maps = lmdb:/opt/zimbra/conf/tls_policy      <<== Should see this

Make sure to run postmap against the /opt/zimbra/conf/tls_policy file; use "lmdb" not "hash"

postmap /opt/zimbra/conf/tls_policy

Changes to the zmconfigd.cf will NOT survive upgrades.

Notable RFE: https://bugzilla.zimbra.com/show_bug.cgi?id=108691

Additional Info: http://www.postfix.org/postconf.5.html#smtp_tls_policy_maps

Jump to: navigation, search