From 773756f1eadc8a064137eb7b3916fd8f2a5b43a6 Mon Sep 17 00:00:00 2001
From: Nicolas Vigier <boklm@mageia.org>
Date: Fri, 5 Jul 2013 16:29:57 +0000
Subject: postfix: enable opportunistic TLS when sending (from Dan Fandrich)

---
 modules/postfix/templates/main.cf | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/modules/postfix/templates/main.cf b/modules/postfix/templates/main.cf
index ffda06b3..8a255087 100644
--- a/modules/postfix/templates/main.cf
+++ b/modules/postfix/templates/main.cf
@@ -95,6 +95,9 @@ smtpd_use_tls = no
 #smtpd_tls_cert_file = /etc/pki/tls/certs/postfix.pem
 #smtpd_tls_key_file = /etc/pki/tls/private/postfix.pem
 #smtpd_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
+# enable opportunistic TLS when sending
+smtp_tls_security_level = may
+smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
 
 <%- if all_tags.include?('postfix::server') -%>
 smtpd_etrn_restrictions = reject
-- 
cgit v1.2.1