postfix-pgsql cannot be configured to use ssl connection, because it uses the old PQsetdbLogin API.
This patch makes it possible to use any postgresql connect string by using the PQconnectdb api.
I did not find where to report such things to upstream (beyond mailing list, which I don't intend to subscribe),
so please send it to them. I will be happy to refactor the patch to be accepted upstream, just please don't
make me subscribe yet another mailing list.
usage notes:
1. You put the connection string instead of hostname.
It is detected based on the "postgresql:" prefix.
dbname is not used, but you have to define it.
My postgres.cf looks like this:
-----------------------------------------
hosts = postgresql://<email address hidden>/pdoauth?sslmode=require
query = select email from email_map where proxy='%s';
dbname = notused
-----------------------------------------
2. When daemons are chrooted,
a) you should put a passwd file in the chroots /etc, with an entry for postfix. It is /var/spool/postfixx/etc in case of ubuntu
b) you should have the proper ssl key and cert in ~postfix within the chrooted environment
c) other files in /etc, like resolv.conf, ... are also used within the chroot
The patch is attached. There might be whitespace discrepancies.
The attachment "postfix-
[This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issues please contact him.]