From bb247d295c0d49111960d59822a6966abce0ab18 Mon Sep 17 00:00:00 2001
From: Daniel Winzen <daniel@danwin1210.de>
Date: Sun, 17 Jul 2022 23:10:33 +0200
Subject: [PATCH] Add postfix-mta-sts-resolver

---
 etc_clearnet_proxy/postfix/main.cf | 1 +
 install_binaries_proxy.sh          | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/etc_clearnet_proxy/postfix/main.cf b/etc_clearnet_proxy/postfix/main.cf
index 576df91..47a0df9 100644
--- a/etc_clearnet_proxy/postfix/main.cf
+++ b/etc_clearnet_proxy/postfix/main.cf
@@ -32,6 +32,7 @@ smtpd_tls_mandatory_exclude_ciphers = aNULL MD5 SHA CAMELLIA AES+SHA256 AES+SHA3
 smtp_tls_mandatory_exclude_ciphers = aNULL MD5 SHA CAMELLIA AES+SHA256 AES+SHA384
 tls_preempt_cipherlist = yes
 sender_dependent_default_transport_maps = proxy:mysql:/etc/postfix/sql/mysql_tls_policy_out.cf
+smtp_tls_policy_maps = socketmap:inet:127.0.0.1:8461:postfix
 smtp_tls_security_level = dane
 smtpd_tls_security_level = encrypt
 smtp_tls_CApath = /etc/ssl/certs
diff --git a/install_binaries_proxy.sh b/install_binaries_proxy.sh
index 48bb246..988ddb1 100755
--- a/install_binaries_proxy.sh
+++ b/install_binaries_proxy.sh
@@ -5,4 +5,4 @@ export LANG=C.UTF-8
 export PATH="/usr/local/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbin:/sbin"
 # install all required packages
 DEBIAN_FRONTEND=noninteractive apt-get update
-DEBIAN_FRONTEND=noninteractive apt-get --no-install-recommends install -y bash-completion bind9 ca-certificates coturn curl git gnupg haveged iptables libsasl2-modules logrotate lsb-release nano nginx openssl postfix postfix-mysql vim wget wireguard wireguard-tools
+DEBIAN_FRONTEND=noninteractive apt-get --no-install-recommends install -y bash-completion bind9 ca-certificates coturn curl git gnupg haveged iptables libsasl2-modules logrotate lsb-release nano nginx openssl postfix postfix-mysql postfix-mta-sts-resolver vim wget wireguard wireguard-tools