I'll try to answer myself. As i see, the options "from local" and "for local" is the defaults, and can be omitted? So, the first match can be cut to match action "mbox" ?? the my first question i have understood, if "from local" is the default, than it will not work without "from any" the second question was about "from any" in the 4th match. I see, if i try to send email, i connect to egress, so this is not local, and will not work. also i cant use "from <domains>" and in trird match, mails from dkim proxy come to lo0, so they are processed as local and the rule can be extended to: match from local tag DKIM for any action "relay" am i right?
so the last question, can i limit mta to inet4 only? ср, 31 окт. 2018 г. в 15:04, Илья Коскин <kasakof...@gmail.com>: > Hello list! Please look at my match-action definitions: > > action "mbox" mbox alias <aliases> > action "mda" mda "/usr/local/bin/procmail" alias <aliases> > action "relay" relay > action "relay_dkim" relay host smtp://127.0.0.1:10027 > > match for local action "mbox" > match from any for domain <domains> action "mda" #2nd match > match tag DKIM for any action "relay" #3rd match > match auth from any for any action "relay_dkim" #4th match > > I have some questions about matches. > 1) If I remove "from any" in the second match, smtpd will not accept any > mail from internet. Why? > 2) In the 4th match, again, without "from any" I can't send mail to > anywhere. How can I know, where i need to use "from any" and where i don't? > For example 3rd match work without "from any" > 3) is this config comosed secure and correctly? > maybe it is option to use > match auth from <domains> for any action "relay_dkim" ? > if this work, it can partially help to prevent spamming from compromised > users. > > Also, is there any way to limit mta sending only from ipv4? > > Thank's! > >