291467setting up postscreen on a system with multiple external interfaces
- Feb 21, 2013Hello all,
Please help me with the following. I have here a postfix system that
listens on multiple (external) interfaces, e.g. one of them receives
e-mail from the internet, one of them receives more or less secure mail
from associated institutions.
E-mail received on the "internet" interface receives full processing,
including amavis which calls spamassassin (by proxy filter) and it
should offer "may" level TLS (no discussion about that please ;-)).
The e-mail received on the "secure" interface receives limited
processing, e.g. no amavis and it doesn't need to offer TLS.
Besides that there are also a few "internal" interfaces postfix listens
on as well, with minimal processing, but with dkim signing.
So there are actually multiple flows through the system, depending on
the interface the mail was received on.
I want to start using postscreen. Of course I am not going to "test" in
a production environment, so I made a comparable postfix installation
and with that installation I ran into a problem:
The options (-o) that I specify on the various per-interface smtpd
instances are NOT honoured anymore. I can check that quite easily
because the hello string varies per interface and also TLS is no longer
offered (disabled in the main.cf and enable on a per-interface basis in
the master.cf file). When I revert to non-postscreen operation, it works
Is this intentional? A know bug? Or something I should do another way?
Anyone that has this configuration running, with postscreen?
I must say the "howto" isn't very clear on this matter, it assumes you
only have only one external interface.
Thanks in advance.
- Next post in topic >>