> One important information is missing here: on what port? Good catch. Port 25.
> There should be no authentication on port 25 and all mail destined for local > domains should be accepted. > > There should be mandatory authentication on ports 465/587. > > As both acme.com and corley.com are local to provider A, on port 25 any mail > to any of these domains should be accepted, regardless of sender, without > authentication. And that's a definition I've been struggling with: What is *local* in relation to SMTP? What if I'm a managed service provider hosting email on Postfix? Are all my customers considered local? Wouldn't *local* be considered the domains under an organization's control? > However, on ports 465 or 587, authentication should be required, regardless > of destination. > > If authentication is required on port 25, or no authentication is allowed on > port 465 or 587, someone has misconfigured something. On Mon, Apr 17, 2023 at 4:58 PM Jaroslaw Rafa via Postfix-users < postfix-users@postfix.org> wrote: > Dnia 17.04.2023 o godz. 14:49:11 Noel Jones via Postfix-users pisze: > > Please keep replies on list. > > > > On 4/17/2023 2:16 PM, Tyler Montney wrote: > > >I'll put it this way, since I'm struggling to word this: > > > > > >Provider A contains the following customers: > > >Acme Corporation (acme.com <http://acme.com>) > > >Corley Motors (corley.com <http://corley.com>) > > > > > >Provider B contains the following customers: > > >ConSec (consec.com <http://consec.com>) > > >Teldar Paper (teldar.com <http://teldar.com>) > > > > > >f...@acme.com can send to b...@corley.com without authentication. > > One important information is missing here: on what port? > > There should be no authentication on port 25 and all mail destined for > local > domains should be accepted. > > There should be mandatory authentication on ports 465/587. > > As both acme.com and corley.com are local to provider A, on port 25 any > mail > to any of these domains should be accepted, regardless of sender, without > authentication. > > However, on ports 465 or 587, authentication should be required, regardless > of destination. > > If authentication is required on port 25, or no authentication is allowed > on > port 465 or 587, someone has misconfigured something. > -- > Regards, > Jaroslaw Rafa > r...@rafa.eu.org > -- > "In a million years, when kids go to school, they're gonna know: once there > was a Hushpuppy, and she lived with her daddy in the Bathtub." > _______________________________________________ > Postfix-users mailing list -- postfix-users@postfix.org > To unsubscribe send an email to postfix-users-le...@postfix.org >
_______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org