Tlshosts/FQDN.pem: Difference between revisions

From QmailToaster
Jump to navigation Jump to search
(Created page with "<u>'''tlshosts/FQDN.pem'''</u> man '''qmail-remote''' excerpt: '''qmail-remote''' requires TLS authentication from servers for which this certificate exists ('''FQDN''' is the fully-qualified domain name of the server). One of the <u>dNSName</u> or the <u>CommonName</u> attributes have to match. '''WARNING:''' this option may cause mail to be delayed, bounced, doublebounced, or lost.")
 
No edit summary
 
(3 intermediate revisions by the same user not shown)
Line 7: Line 7:


'''WARNING:''' this option may cause mail to be delayed, bounced, doublebounced, or lost.
'''WARNING:''' this option may cause mail to be delayed, bounced, doublebounced, or lost.
Force TLS encryption for a particular domain or Exceptions to 'control/tlshosts/exhaustivelist':
  1) # nslookup -type=mx 'domain.tld'
        domain.tld    mail exchanger = 0 mx.domain.tld.
  2) # mkdir /var/qmail/control/tlshosts
    a) qmail-1.03-3.3.7>=
        1. # ln -s /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem /var/qmail/control/tlshosts/mx.domain.tls.pem 
    b) qmail-1.03-3.3.7<
        1. # touch /var/qmail/control/tlshosts/mx.domain.tld.pem
[[Control_Files_by_Function#qmail-remote|qmail-remote]]

Latest revision as of 14:22, 26 March 2024

tlshosts/FQDN.pem


man qmail-remote excerpt:

qmail-remote requires TLS authentication from servers for which this certificate exists (FQDN is the fully-qualified domain name of the server). One of the dNSName or the CommonName attributes have to match.

WARNING: this option may cause mail to be delayed, bounced, doublebounced, or lost.

Force TLS encryption for a particular domain or Exceptions to 'control/tlshosts/exhaustivelist':
  1) # nslookup -type=mx 'domain.tld'
       domain.tld     mail exchanger = 0 mx.domain.tld.
  2) # mkdir /var/qmail/control/tlshosts
    a) qmail-1.03-3.3.7>=
       1. # ln -s /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem /var/qmail/control/tlshosts/mx.domain.tls.pem  
    b) qmail-1.03-3.3.7<
       1. # touch /var/qmail/control/tlshosts/mx.domain.tld.pem


qmail-remote