PHP + Postfix MTA: Do NOT use TLS

Question

I've installed Postfix and PHP on one of my servers (Debian)

TLS in Postfix' configuration is enabled:

smtp_use_tls = yes
smtp_tls_security_level = may

Regularly I need to send out a newsletter Email to ~1,000 addresses.
These mails are "send" via PHP's mail() function. PHP hands these Emails over to Postfix for delivery.

Is there a way to disable TLS when "sending" mails from PHP?
Can this be done by somehow modifying Postfix' master.cf?

It should work like this:

Incoming Emails -> Use TLS
Outgoing Emails -> Use TLS
Outgoing Emails from PHP -> Do not use TLS

In other words:
Can Postfix be configured to deliver mails without TLS if they are received via a different port?
Like this:

Outgoing Emails when received from Port 25 -> Use TLS
Outgoing Emails when received from Port xy -> Do not use TLS

score 0 · Answer 1 · answered Jan 02 '17 at 15:33

0

That's not possible unless you setup a separate Postfix instance.

answered Jan 02 '17 at 15:33

Ralf Hildebrandt

543
2
16

score 0 · Answer 2 · answered May 18 '19 at 22:30

Yes it can.

You may need to use an actual SMTP client via PHP (e.g. SwiftMailer), but you can host smtpd with separate options on a separate port, e.g.

192.168.22.2:10587 inet  n       -       n       -       10      smtpd
  -o syslog_name=submission/mass-mail
  -o smtpd_tls_security_level=none
  -o smtpd_relay_restrictions=
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
  -o mynetworks=127.0.0.0/8,192.168.22.2/24

PHP + Postfix MTA: Do NOT use TLS

2 Answers2