Log TLS information at each connection

This is handy to verify wether a given mail was sent encrypted.
This commit is contained in:
Simon Bruder 2019-08-03 15:40:13 +00:00
parent fca6ae6360
commit df2f74870c

View file

@ -27,7 +27,7 @@ RUN echo '' > /etc/postfix/main.cf \
&& postconf -e recipient_delimiter='+' \ && postconf -e recipient_delimiter='+' \
&& postconf -e smtpd_banner='$myhostname ESMTP $mail_name' \ && postconf -e smtpd_banner='$myhostname ESMTP $mail_name' \
&& postconf -e smtpd_use_tls='yes' \ && postconf -e smtpd_use_tls='yes' \
&& postconf -e smtpd_tls_loglevel='0' \ && postconf -e smtpd_tls_loglevel='1' \
&& postconf -e smtpd_tls_key_file='/tls/privkey' \ && postconf -e smtpd_tls_key_file='/tls/privkey' \
&& postconf -e smtpd_tls_cert_file='/tls/fullchain' \ && postconf -e smtpd_tls_cert_file='/tls/fullchain' \
&& postconf -e smtpd_tls_security_level='may' \ && postconf -e smtpd_tls_security_level='may' \
@ -38,6 +38,7 @@ RUN echo '' > /etc/postfix/main.cf \
&& postconf -e smtpd_tls_exclude_ciphers='aNULL' \ && postconf -e smtpd_tls_exclude_ciphers='aNULL' \
&& postconf -e smtpd_tls_dh1024_param_file='/etc/postfix/dh-params/2048.pem' \ && postconf -e smtpd_tls_dh1024_param_file='/etc/postfix/dh-params/2048.pem' \
&& postconf -e smtpd_tls_eecdh_grade='strong' \ && postconf -e smtpd_tls_eecdh_grade='strong' \
&& postconf -e smtp_tls_loglevel='1' \
&& postconf -e smtp_tls_security_level='may' \ && postconf -e smtp_tls_security_level='may' \
&& postconf -e smtp_tls_mandatory_ciphers='medium' \ && postconf -e smtp_tls_mandatory_ciphers='medium' \
&& postconf -e tls_preempt_cipherlist='yes' \ && postconf -e tls_preempt_cipherlist='yes' \