Thanks Viktor, that worked perfectly!
Are there any plans down the road to add configuration map support for
smtpd processes by interface or IP?
- Matt
On 7/4/2015 8:56 PM, Viktor Dukhovni wrote:
On Sat, Jul 04, 2015 at 01:53:06PM -0400, Matt Saladna wrote:
We have a multi-homed server with ~20 IP addresses that listen for incoming
mail connections. I'd like to setup a personalized SSL certificate for 1 IP
address over submission (non-SNI). I know this can be accomplished by adding
a custom service in master.cf that uses smtpd with a sample config "-o
smtp_bind_address=x.y.z -o smtpd_tls_cert_file=xyz".
The "smtp_bind_address" setting is pointless (has no effect on
smtpd(8)). The actual listen address is the one specified in
master.cf.
This works, but if I specify 1 service, then I must likewise enumerate all
remaining IP addresses and define custom smtpd services in master.cf.
This is not necessary, just add a host to /etc/hosts that resolves
to all 19 addresses. Then use that hostname in master.cf. Make
sure you have "multi on" in /etc/hosts.conf (IIRC) on any OS that
needs such a settting to resolve a host to all its /etc/hosts
addresses.
