TLS Enforcement
smtp_tls_security_level = encrypt
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
This configuration:
-
Enforces TLS encryption for all outbound SMTP connections.
-
Uses the system CA store for certificate validation.
-
Enables TLS session caching for performance optimization.