blob: 9935b46ed0f28cf5fb671f1d380c1fc12a94d5b0 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
|
# For domains that we do not relay for, and need to verify certs.
# Since we most probably can't have broken MX records pointing to
# site local or link local IP addresses fixed, we ignore target
# hosts pointing to these addresses.
dnslookup_tls_verify:
debug_print = "R: dnslookup_tls_verify for $local_part@$domain"
driver = dnslookup
# Do we need to verify and force TLS for this domain ?
domains = ! +local_domains : +tls_verify_relay_to_domains
transport = remote_smtp_tls_verify
same_domain_copy_routing = yes
# ignore private rfc1918 and APIPA addresses
ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 192.168.0.0/16 :\
172.16.0.0/12 : 10.0.0.0/8 : 169.254.0.0/16 :\
255.255.255.255
no_more
|