On Fri, Jan 30, 2015 at 02:44:48PM +0000, srach wrote: > But at the document > > http://www.postfix.org/TLS_README.html > > I think the tls_policy is for "destinations".? So only for the sending side. > > I too want the #2 server to only ACCEPT the relay mail from the #1 server if > the #1 server gives the fingerprint = > 22:22:22:22:22:22:22:22:22:22:22:22:22:22:22:22:22:22:22:22. > > So this is not tls_policy file on the #2 server?? Where is the configuration > to be set for the #2 server to only accept relay mail from the #1 server if > match equals?
You can use either of two approaches: 1. http://www.postfix.org/postconf.5.html#permit_tls_clientcerts http://www.postfix.org/postconf.5.html#relay_clientcerts 2. http://www.postfix.org/postconf.5.html#check_ccert_access -- Viktor.