>>>>>> master.cf:
>>>>>>
>>>>>> submission inet n - n - - smtpd
>>>>>>   -o smtpd_sasl_auth_enable=yes
>>>>>>   -o smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
>>>>>>
>>>>
>>>> You should also have:
>>>>
>>>> smtpd_tls_security_level=encrypt
>>>>
>>>> for the submission service...
>>>>
>>>
>>> Normally yes, but OP is using submission for unencrypted,
>>> unauthenticated local mail.
>>>
>>> I also suggested he explicitly set -o smtpd_tls_auth_only=yes and
>>> add reject_plaintext_session, but apparently he knows better.
>>
>> Alright, I thought my config rendered those unnecessary/redundant, but
>> apparently not?
>>
>> - Grant
>
> I carefully chose all those options to make submission as secure as
> possible while still allowing ONLY localhost to submit
> unencrypted/unauthenticated mail.
>
> The options I suggested are not all required, but all are included
> for a reason -- either because they enhance security or because they
> protect you from accidents in main.cf.
>
> You are, of course, free to configure your server any way you
> please. But it's rather annoying when you ask for expert advice and
> then announce you'll do something different. Repeatedly.
Sorry, I'll put 'em back in. I thought you might have made a mistake. Redundancy can be good I suppose.

I greatly appreciate everyone's help and patience with this. I have a much greater understanding of postfix and a much improved config thanks to all of you.

- Grant
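
An added example, not part of the original thread or either poster's configuration: a small Python check that reads a master.cf submission entry and reports which of the options discussed above are not pinned with -o and therefore depend on main.cf. The sample entries are constructed; setting smtpd_tls_security_level=may and placing reject_plaintext_session after permit_mynetworks are assumptions about how the localhost exception would be written.

```python
import re

# Constructed samples: the entry quoted in the thread, and an assumed variant
# that pins the options the replies mention (not the poster's actual file).
SAMPLE_WEAK = """\
submission inet n - n - - smtpd
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
"""
SAMPLE_PINNED = """\
submission inet n - n - - smtpd
  -o smtpd_tls_security_level=may
  -o smtpd_tls_auth_only=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_recipient_restrictions=permit_mynetworks,reject_plaintext_session,permit_sasl_authenticated,reject
"""

def service_overrides(master_cf, service):
    """Return the -o name=value overrides of one master.cf service as a dict."""
    entries = []
    for line in master_cf.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if line[0].isspace() and entries:   # leading whitespace continues the entry
            entries[-1] += " " + line.strip()
        else:
            entries.append(line.strip())
    for entry in entries:
        if entry.split()[0] == service:
            return dict(re.findall(r"-o\s+([\w.]+)=(\S+)", entry))
    return {}

def audit_submission(master_cf):
    """List submission settings that leave plaintext AUTH dependent on main.cf."""
    o = service_overrides(master_cf, "submission")
    if o.get("smtpd_tls_security_level") == "encrypt":
        return []                            # TLS is mandatory for every client
    findings = []
    if o.get("smtpd_tls_auth_only") != "yes":
        findings.append("smtpd_tls_auth_only not pinned to yes; value comes from main.cf")
    rules = re.split(r"[,\s]+", o.get("smtpd_recipient_restrictions", ""))
    if "permit_sasl_authenticated" in rules:
        before = rules[:rules.index("permit_sasl_authenticated")]
        if "reject_plaintext_session" not in before:
            findings.append("no reject_plaintext_session before permit_sasl_authenticated")
    return findings
```

The parser handles only the plain `-o name=value` form without spaces in the value; run `audit_submission(open("/etc/postfix/master.cf").read())` against a real file, adjusting the path to your installation.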