> On 19 Jun 2024, at 4:29 PM, Gilgongo via Postfix-users > <postfix-users@postfix.org> wrote: > > > The defaults for those settings, as far as postfix is concerned, are as > > follows: > > > > smtpd_tls_auth_only = no > > Why? Surely, "yes" is the better choice... > > You need to set this to "yes" if you plan to have accounts sending mail out > through your mail server. Because that's potentially a security risk, Postfix > doesn't set this to "yes" by default. > > As to smtpd_tls_security_level, you are right that (for port 25 smtp) it is > better as "may", but the reason the default is none is that you will need to > set up TLS certificate first, which isn't in the scope of what Postfix does. > So that's why it sets none as the default.
It seemed to me at the time, per the thread subject, that your post was recommending best-practice settings, rather than showing Postfix default settings. If the latter, OK, but I don’t need them explained, and not all the explanations are correct. — Viktor. _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org