Am 13.04.2013 22:36, schrieb b...@bitrate.net: >> fine - in the real life you start not from scratch > > in the real world, both [and more] things happen.
and "another" in the subject is a clear sign >> have fun calling hundrets and thousands of users especially with broken >> clients like a iPhone and explain them what to do to change the port > > perhaps, perhaps not. > >> in a perfect world i would even close port 25 from the WAN because >> the MX is a dedicated spam-firewall, but as said above this world >> exists mostly only if you are a startup with no existing customers > > huh? you forgot you mendtioned remove SASL from port 25? >>> i really just discourage use of permit_mynetworks altogether >> >> if you are not stupid enough to add a /24 network there it is pretty fine >> you do not want to pass every internal server sending a system-message to >> check_recipient_access which may be a spam-filter > > sorry, i have no idea what you're talking about that your "discourage use of permit_mynetworks" is far from reality as also "do not use SASAL and submission on port 25" as well if someone asks for ANOTHER sanity check after upgrade to a new version?
signature.asc
Description: OpenPGP digital signature
