From f64014e2a3c2431211dda1f6bf9f28eaf56c4536 Mon Sep 17 00:00:00 2001
From: Dan Fandrich <danf@mageia.org>
Date: Fri, 9 Feb 2024 10:36:06 -0800
Subject: Enable opportunistic TLS when receiving mail (mga#29514)

---
 modules/postfix/templates/main.cf | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'modules')

diff --git a/modules/postfix/templates/main.cf b/modules/postfix/templates/main.cf
index 2322cb71..86ad81c2 100644
--- a/modules/postfix/templates/main.cf
+++ b/modules/postfix/templates/main.cf
@@ -103,8 +103,9 @@ smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) (<%= lsbdistid %>)
 unknown_local_recipient_reject_code = 450
 smtp-filter_destination_concurrency_limit = 2
 lmtp-filter_destination_concurrency_limit = 2
-# disabled for the time being
-smtpd_use_tls = no
+# enable opportunistic TLS when receiving
+smtpd_use_tls = yes
+smtpd_tls_received_header = yes
 smtpd_tls_cert_file = /etc/ssl/postfix/postfix.crt
 smtpd_tls_key_file = /etc/ssl/postfix/postfix.key
 smtpd_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
-- 
cgit v1.2.1