On 5/13/2013 6:34 PM, Steve Jenkins wrote: > On Wed, May 1, 2013 at 5:14 AM, /dev/rob0 <r...@gmx.co.uk > <mailto:r...@gmx.co.uk>> wrote: > > > > > Here are my current entries: > > > > smtpd_recipient_restrictions = > > permit_mynetworks, > > permit_sasl_authenticated, > > I don't put these permit_* in global restrictions; I only apply them > to submission via -o smtpd_relay_restrictions=... in master.cf > <http://master.cf>. And > that brings up another point: if you're using 2.10 you now have > smtpd_relay_restrictions for relay control. > > > First, thanks for the extremely insightful help, Rob. > > OK - I commented those two lines out of smtpd_recipient_restrictions > as recommended, and added a new smtpd_relay_restrictions -o line to > submission in master.cf <http://master.cf>. My submission now reads: > > submission inet n - n - - smtpd > -o smtpd_tls_security_level=encrypt > -o smtpd_sasl_auth_enable=yes > -o smtpd_client_restrictions=permit_sasl_authenticated,reject > -o milter_macro_daemon_name=ORIGINATING > -o > smtpd_relay_restrictions=permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination > > However, I get this when sending a message from my home desktop > (connected via Comcast) via my personal Postfix server to my Gmail > test address:
Don't forget that all the other main.cf parameters are still in effect on your "submission" entry; likely you're seeing unintended spillover. I suggest setting ALL the smtpd_*_restrictions entries for submission in master.cf so you don't have unexpected results. submission inet n - n - - smtpd -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o milter_macro_daemon_name=ORIGINATING -o smtpd_client_restrictions= -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions= -o smtpd_relay_restrictions=permit_sasl_authenticated,reject -- Noel Jones
