I am finihsing ZCS 8.0.4 setup. When I thought it is done, it came out we have an old ERP application which needs to send email through smtp 25/tcp without TLS.
I have to make it possible on all clients computers inside local LAN.
After a lot of searching with google and thru docs, I learned I need to set postfix parameter: smtpd_tls_auth_only=no. Then it proceeds authentication with SASL options and it is OK.
My questions are:
- How do I set the option with ZCS 8.0.4? There seems to be no configuration parameter to set with zmlocalconfig command. There are some postfix options, but not that one. Should modify /opt/zimbra/postfix/conf/main.cf by hand? Even doing so does not make it permanent, after "postfix reload" or "zmcontrol restart" it can change. I do not understand this.
- Is it possible to make ZCS accept 25/tcp connections only from local subnet? I would like still to force remote clients to use TLS connection. But I do not want to make local lan to be able to relay, so using myMtaNetworks is not a good choice (as I understand this).
I would be grateful for some hints or explanation. What I did for now, I ran "$ postconf -e smtpd_tls_auth_only=no" command, but this in no way permanent!