It works in practice. A few Postfix TLS proxies have been terminating TLS connections, making access control decisions and forwarding unencrypted SMTP to a non-Postfix server for many years now.
These systems only run "smtpd" as a proxy, and use various internal services, but otherwise there is no message processing. There is no logging from cleanup(8), qmgr(8), smtp(8), ... connectins come in and then they go out. Mail is never queued on the TLS proxy. ---------------------------------------------------------------------- How does one configure postfix to act like this?
<<winmail.dat>>
