On 1/17/2013 3:56 PM, Quanah Gibson-Mount wrote: > --On Wednesday, January 09, 2013 10:53 AM -0800 Quanah Gibson-Mount > <qua...@zimbra.com> wrote: > >>> Submission and "smtps" perform essentially the same function, and >>> should get identical settings, with the obvious addition of tls >>> wrappermode for smtps. >> >> Perfect, thank you very much! > > Ok, I've modified my master.cf for the smtpd daemons to the > following. Does it appear in general, more sane? > > smtp inet n - n - - smtpd > -o content_filter=scan:[127.0.0.1]:10029 > 465 inet n - n - - smtpd > -o content_filter=scan:[127.0.0.1]:10029 > -o smtpd_tls_wrappermode=yes > -o smtpd_sasl_auth_enable=yes > -o smtpd_client_restrictions= > -o smtpd_data_restrictions= > -o smtpd_end_of_data_restrictions= > -o smtpd_helo_restrictions= > -o smtpd_recipient_restrictions= > -o smtpd_relay_restrictions=
I don't think postfix will start (or at least won't start this service) with both smtpd_recipient_restricions and smtpd_relay_restrictions set empty. For submission/smtps, one of these needs to be set eg. smtpd_relay_restrictions=permit_sasl_authenticated,reject It's also customary to set -o milter_macro_daemon_name=ORIGINATING in case a milter gets put in the loop, and I find it very useful to set the syslog name -o syslog_name=postfix/smtps (similar for postfix/submission). -- Noel Jones