## SME relay outgoing mails to smarthost
{
  my $smarthost = $postfix{'SMTPSmartHost'} || "off";
  return "#Smarthost disabled"  if $smarthost eq "off";
  my $userid = $postfix{'SMTPSmartHostUserid'} || "";
  my $password = $postfix{'SMTPSmartHostPasswd'} || "";
  my $port = $postfix{'SMTPSmartHostPeerPort'} || "25";
  $OUT = "relayhost = [$smarthost]:$port\n";
  return "#Smarthost auth disabled" if ($postfix{'SMTPSmartHostStatus'} || "disabled") eq "disabled";
  if ($userid ne "") 
  {
    $OUT .= "smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd\n";
    $OUT .= "smtp_sasl_security_options = noanonymous\n";
    $OUT .= "smtp_sasl_auth_enable = yes\n";
  }
  if ($port eq "465")
  {
    # SMTPS wrappermode (TCP port 465) requires setting "smtp_tls_wrappermode = yes", and "smtp_tls_security_level = encrypt" (or stronger)
    $OUT .= "smtp_tls_wrappermode = yes\n";
    # 70certificates already defines smtp_tls_security_level
  }

}
