tls: surface transport TLS status in email path and authentication
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
Parse TLS details (version, cipher, bits, cert verification) from the Postfix Received header parenthetical and expose them per hop, rendered as a per-hop badge in the Email Path card. Add an x-tls Authentication-Results result: parse it when present, and otherwise synthesize it from the inbound hop's TLS info. A negative result (unencrypted inbound connection) applies a -10 authentication score penalty and is shown in the Authentication card. Enable the TLS handler in authentication_milter. Closes: #40
This commit is contained in:
parent
8e7e56851b
commit
d53c1b1e00
11 changed files with 593 additions and 0 deletions
|
|
@ -36,5 +36,8 @@ smtpd_recipient_restrictions =
|
|||
permit_mynetworks,
|
||||
reject_unauth_destination
|
||||
|
||||
# TLS - record the negotiated cipher/protocol in the Received: header
|
||||
smtpd_tls_received_header = yes
|
||||
|
||||
# Logging
|
||||
debug_peer_level = 2
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue