On 26/04/21 3:10 am, Wietse Venema wrote:
Just in time for Postfix 3.6.0 :-)
I have a suggestion to simplify this.
Assuming that most people will not need complex submission or smtps
configurations, we could optimize for the simple case, and go without
any mua_* settings in master.cf:
I'm fine with that.
# Choose one: enable submission for loopback clients only, or for any client.
#127.0.0.1:submission inet n - n - - smtpd
#submission inet n - n - - smtpd
# -o syslog_name=postfix/submission
# -o smtpd_tls_security_level=encrypt
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_tls_auth_only=yes
# -o smtpd_reject_unlisted_recipient=no
# Instead of specifying complex smtpd_<xxx>_restrictions here,
# specify "smtpd_<xxx>_restrictions=$mua_<xxx>_restrictions"
# here, and specify mua_<xxx>_restrictions in main.cf (where
# "<xxx>" is "client", "helo", "sender", "relay", or "recipient").
That's a little bit wordy for my liking, but I'm okay with it. At the
end of the day I just want to do something about people who uncomment
this section and then wonder why they're getting warnings in the logs,
mainly because it just came up as an issue in IRC.
Peter
# -o smtpd_client_restrictions=
# -o smtpd_helo_restrictions=
# -o smtpd_sender_restrictions=
# -o smtpd_relay_restrictions=
# -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
Ditto for smtps (a.k.a. submissions).
Wietse
