email builder: > > > > I have two IP addresses on my server and would like to serve a different > > > SSL > > (TLS) certificate for each one. I think all the other configuration will > > not > > need to differ between the two, so I think running multiple instances of > > postfix > > would be overkill (?). > > > > > > I want to confirm that it would be possible/viable/advisable to simply > > > create > > two smtpd processes in master.cf: > > > > > > 1.2.3.4:smtp inet n - n - - smtpd > > > -o myhostname=mail.domainA.com > > > -o mydomain=domainA.com > > > -o smtpd_tls_cert_file=/etc/postfix/domainA.crt > > > -o smtpd_tls_key_file=/etc/postfix/domainA.key > > > > > > 4.3.2.1:smtp inet n - n - - smtpd > > > -o myhostname=mail.domainB.com > > > -o mydomain=domainB.com > > > -o smtpd_tls_cert_file=/etc/postfix/domainB.crt > > > -o smtpd_tls_key_file=/etc/postfix/domainB.key > > > > The rest of Postfix needs to know where it should deliver mail for > > mail.domainB.com, domainB.com, mail.domainA.com, and domainA.com. > > Oh, perhaps I didn't make it clear that I have a whole bunch of other conf >-iguration in main.cf, which includes MySQL lookups for transport_maps and vi >-rtual_mailbox_maps. On a single IP address with one TLS certificate, it rou >-tes/accepts mail for domainA and domainB as needed. My assumption above is >-that as long as I don't override all the settings that make my mail delivery >- work with one IP/TLS certificate, I can just change what TLS certificate is >- offered up for each of my IP addresses. > > > Otherwise, the Postfix SMTP server will reject mail with "relay > > access denied", and the Postfix SMTP client will reject mail with > > that "mail loops back to myself". > > Does my clarification above change your opinion about this? Why wouldn't >-mail for domainA and domainB be treated the same as before (when using just >-one IP/TLS cert) if I don't override any other settings?
I do not support configurations with multiple myhostname/mydomain settings (or multiple settings for any domain-like parameter that determines how Postfix handles email). Wietse > > Note that the Postfix SMTP server does not make all decisions by > > itself. It relies on the trivial-rewrite service to decide how > > a domain should be handled. > > > > There is no official support for multiple domain personalities. > > Right, I understand this is not as much a "domain personality" as it is a >-per-IP change. > > Thanks so very, very much. > > >