SMTP Proxy - STARTTLS offer on per IP base
ramber
nginx-forum at forum.nginx.org
Mon Aug 19 12:48:28 UTC 2019
Hello list,
We've setup a nginx reverse smtp proxy to load balance incoming access to
our mailservers.
Everything is fine... until
Some remote sites have broken tls setups and can't deliver mails anymore.
Some didn't accept Let's Encrypt as CA for instance.
Now I'm searching a way to not provide STARTTLS to them.
The AUTH Methode is to late here because it will be started after "rcpto
to:".
Is there way to call an "Auth Script" after Client-Helo and decide whether
dto send STARTTLS Option or not?
I know i can do some redirect with the firewall but i would like to add some
logic to the desition to provide STARTTLS or not.
Tnx for reading .
/ramber
Posted at Nginx Forum: https://forum.nginx.org/read.php?2,285338,285338#msg-285338
More information about the nginx
mailing list