Tlshosts/FQDN.pem: Difference between revisions
Jump to navigation
Jump to search
(Created page with "<u>'''tlshosts/FQDN.pem'''</u> man '''qmail-remote''' excerpt: '''qmail-remote''' requires TLS authentication from servers for which this certificate exists ('''FQDN''' is the fully-qualified domain name of the server). One of the <u>dNSName</u> or the <u>CommonName</u> attributes have to match. '''WARNING:''' this option may cause mail to be delayed, bounced, doublebounced, or lost.") |
No edit summary |
||
(3 intermediate revisions by the same user not shown) | |||
Line 7: | Line 7: | ||
'''WARNING:''' this option may cause mail to be delayed, bounced, doublebounced, or lost. | '''WARNING:''' this option may cause mail to be delayed, bounced, doublebounced, or lost. | ||
Force TLS encryption for a particular domain or Exceptions to 'control/tlshosts/exhaustivelist': | |||
1) # nslookup -type=mx 'domain.tld' | |||
domain.tld mail exchanger = 0 mx.domain.tld. | |||
2) # mkdir /var/qmail/control/tlshosts | |||
a) qmail-1.03-3.3.7>= | |||
1. # ln -s /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem /var/qmail/control/tlshosts/mx.domain.tls.pem | |||
b) qmail-1.03-3.3.7< | |||
1. # touch /var/qmail/control/tlshosts/mx.domain.tld.pem | |||
[[Control_Files_by_Function#qmail-remote|qmail-remote]] |
Latest revision as of 14:22, 26 March 2024
tlshosts/FQDN.pem
man qmail-remote excerpt:
qmail-remote requires TLS authentication from servers for which this certificate exists (FQDN is the fully-qualified domain name of the server). One of the dNSName or the CommonName attributes have to match.
WARNING: this option may cause mail to be delayed, bounced, doublebounced, or lost.
Force TLS encryption for a particular domain or Exceptions to 'control/tlshosts/exhaustivelist': 1) # nslookup -type=mx 'domain.tld' domain.tld mail exchanger = 0 mx.domain.tld. 2) # mkdir /var/qmail/control/tlshosts a) qmail-1.03-3.3.7>= 1. # ln -s /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem /var/qmail/control/tlshosts/mx.domain.tls.pem b) qmail-1.03-3.3.7< 1. # touch /var/qmail/control/tlshosts/mx.domain.tld.pem