0

Running kubuntu 10.04 on my host, let's call it alpha. I've got postfix as my system MTA. I've got crons running on alpha that need to send email to a remote host, let's call it mailhost. I cannot alter any configs on mailhost.

Normally I use Thunderbird to send/get email through mailhost using IMAP over TLS. The SMTP setup in Thunderbird is configured to use STARTTLS.

I want cron jobs running on alpha to send mail to mailhost, but because alpha is a dynamic-IP host behind residential NAT, it's difficult to get mailhost to accept mail from alpha due to the usual anti-spam/RBL heuristics. However, if I can get postfix to use TLS to connect to mailhost when it's sending mail to an address (dirtside@mailhost for example), then the mails should go through just fine.

What I'm trying to figure out is how to configure postfix to use STARTTLS with a specific username and password ONLY when connecting to mailhost.

Alternative solutions (e.g. using something besides postfix) are acceptable, but the ultimate task is still to allow crons running on alpha to send emails to dirtside@mailhost.com.

masegaloeh
  • 17,978
  • 9
  • 56
  • 104
dirtside
  • 1,481
  • 4
  • 17
  • 22

1 Answers1

7

You can use smtp_tls_policy_maps to configure the TLS policy on a per host basis.

main.cf:

smtp_tls_policy_maps = hash:/etc/postfix/tls_policy

/etc/postfix/tls_policy:

mailhost.com    encrypt

Remember to run postmap /etc/postfix/tls_policy after editing that file.

You could also set smtp_tls_security_level = may to use TLS when the remote server supports it, but fallback to non-TLS otherwise.

mgorven
  • 30,036
  • 7
  • 76
  • 121