Noted with thanks
On Wed, 25 Aug 2021 at 23:21, Viktor Dukhovni <postfix-us...@dukhovni.org> wrote: > > On Wed, Aug 25, 2021 at 10:56:20PM +0800, Turritopsis Dohrnii Teo En Ming > wrote: > > > smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_scache > > smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_scache > > You might note that the directory needs to be writable by the "postfix" > user, and its default location ($data_directory) varies between the > Postfix packages for various operating systems. > > > Add the following lines to /etc/postfix/master.cf: > > > > submission inet n - n - - smtpd > > smtps inet n - n - - smtpd > > In addition to Wietse's comment re "wrapper mode", you'd typically also > want to enable and require authentication and tweak the various restrictions > to allow relaying by authenticated users. > > The "stock" upstream master.cf file has commented out templates for > fully configured submission services. Use these as a starting point, > and don't enable SASL or allow outbound relaying on port 25. > > #submission inet n - n - - smtpd > # -o syslog_name=postfix/submission > # -o smtpd_tls_security_level=encrypt > # -o smtpd_sasl_auth_enable=yes > # -o smtpd_tls_auth_only=yes > # -o smtpd_reject_unlisted_recipient=no > # Instead of specifying complex smtpd_<xxx>_restrictions here, > # specify "smtpd_<xxx>_restrictions=$mua_<xxx>_restrictions" > # here, and specify mua_<xxx>_restrictions in main.cf (where > # "<xxx>" is "client", "helo", "sender", "relay", or "recipient"). > # -o smtpd_client_restrictions= > # -o smtpd_helo_restrictions= > # -o smtpd_sender_restrictions= > # -o smtpd_relay_restrictions= > # -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject > # -o milter_macro_daemon_name=ORIGINATING > > #submissions inet n - n - - smtpd > # -o syslog_name=postfix/submissions > # -o smtpd_tls_wrappermode=yes > # -o smtpd_sasl_auth_enable=yes > # -o smtpd_reject_unlisted_recipient=no > # Instead of specifying complex smtpd_<xxx>_restrictions here, > # specify "smtpd_<xxx>_restrictions=$mua_<xxx>_restrictions" > # here, and specify mua_<xxx>_restrictions in main.cf (where > # "<xxx>" is "client", "helo", "sender", "relay", or "recipient"). > # -o smtpd_client_restrictions= > # -o smtpd_helo_restrictions= > # -o smtpd_sender_restrictions= > # -o smtpd_relay_restrictions= > # -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject > # -o milter_macro_daemon_name=ORIGINATING > > -- > Viktor. -----BEGIN EMAIL SIGNATURE----- The Gospel for all Targeted Individuals (TIs): [The New York Times] Microwave Weapons Are Prime Suspect in Ills of U.S. Embassy Workers Link: https://www.nytimes.com/2018/09/01/science/sonic-attack-cuba-microwave.html ******************************************************************************************** Singaporean Targeted Individual Mr. Turritopsis Dohrnii Teo En Ming's Academic Qualifications as at 14 Feb 2019 and refugee seeking attempts at the United Nations Refugee Agency Bangkok (21 Mar 2017), in Taiwan (5 Aug 2019) and Australia (25 Dec 2019 to 9 Jan 2020): [1] https://tdtemcerts.wordpress.com/ [2] https://tdtemcerts.blogspot.sg/ [3] https://www.scribd.com/user/270125049/Teo-En-Ming -----END EMAIL SIGNATURE-----
