Patrick Ben Koetter: > > > mail.example.com ask_ccert > > > .example.net ask_ccert > > > > Alternatively, allow a richer input to smtpd_tls_ask_ccert besides > > yes and no. For example, a (match)list. > > Yes. Finer control e.g. access(5) actions would be my ultimate wish.
access(5) restrictions are evaluated by default at RCPT TO time.
You need a decision that is made before or at STARTTLS time.
Wietse
