Paweł Leśniak wrote:
W dniu 2009-03-03 17:46, Noel Jones pisze:
Some people reject their own domain from outside, unauthenticated
clients, but this will certainly reject some amount of legit mail.
Could you write a little bit how is it possible to reject legit mail by
rejecting unauthenticated clients when all users do use SASL
authentication or are in my_networks?
Pawel Lesniak
Some legit "reminder" type services, some meeting
notifications, and other legit mail might arrive with you as
the sender. Maybe not best practices, but it's legit mail and
such a policy will reject it.
You can send yourself mail via eg. gmail or your home ISP with
your postfix domain as sender address. Some people really do
this.
The "some amount" of legit mail you will reject is highly
dependent on your users. Some sites will see quite a bit,
others very little. Some people consider this a horrible
idea, others a useful policy with an acceptable risk. You get
to pick which side of the fence you live on.
-- Noel Jones