On 04/29/2016 06:34 AM, Charles Marcus wrote:
On 4/29/2016 3:02 AM, Alice Wonder <al...@domblogger.net> wrote:
submission inet n - n - - smtpd
-o syslog_name=postfix/submission
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_reject_unlisted_recipient=no
-o smtpd_client_restrictions=permit_mynetworks,reject
-o smtpd_relay_restrictions=permit_mynetworks,reject_unauth_destination
What about permit_sasl_authenticated ? Without that external clients
will not be able to use it.
Thank you
Also, personally I would *never* allow unauthenticated, except only from
specific older clients that don't support SASL AUTH - and I would do
that on a separate port with additional checks - but that is me, I know
it isn't uncommon to do this.
That's the relay_restrictions?
What I'm trying to have it do is define the blog hosts (there are three
or four of them, with about 20 different domain names on each host) can
connect over 587 with authentication but that even with the right uname
/ password, connection is refused from any other host.
