[pfx] Re: question for a directive in master.cf
On 21/06/2024 13:06, Jeff Peng via Postfix-users wrote: > >> If you want to enable them, you have to uncomment ALL lines for >> submission >> service to work correctly. > > just further, for smtps service, can i just comment out all of options > to enable it? > > #smtps inet n - y - - smtpd > # -o syslog_name=postfix/smtps > # -o smtpd_tls_wrappermode=yes > # -o smtpd_sasl_auth_enable=yes > # -o smtpd_reject_unlisted_recipient=no > # -o smtpd_client_restrictions=$mua_client_restrictions > # -o smtpd_helo_restrictions=$mua_helo_restrictions > # -o smtpd_sender_restrictions=$mua_sender_restrictions > # -o smtpd_recipient_restrictions= > # -o smtpd_relay_restrictions=permit_sasl_authenticated,reject > # -o milter_macro_daemon_name=ORIGINATING Just a linguistic point, to avoid future confusion on the part of archive readers. "Commenting x out" means "disabling x by turning it into a comment". So all lines in your above example are commented out because they are preceded by a # sign. Doing the opposite (i.e. turning a comment into an enabled thing) is called "uncommenting". ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: question for a directive in master.cf
Dnia 21.06.2024 o godz. 19:06:38 Jeff Peng via Postfix-users pisze: > > >If you want to enable them, you have to uncomment ALL lines for > >submission > >service to work correctly. > > just further, for smtps service, can i just comment out all of > options to enable it? Yes, you should. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her daddy in the Bathtub." ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: question for a directive in master.cf
On 21.06.24 17:07, Jeff Peng via Postfix-users wrote: I have changed the setting for submission to: submission inet n - y - - smtpd # -o syslog_name=postfix/submission better uncomment this one as well, you should know how the mail was sent without reading firewall logs. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Silvester Stallone: Father of the RISC concept. ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: question for a directive in master.cf
If you want to enable them, you have to uncomment ALL lines for submission service to work correctly. just further, for smtps service, can i just comment out all of options to enable it? #smtps inet n - y - - smtpd # -o syslog_name=postfix/smtps # -o smtpd_tls_wrappermode=yes # -o smtpd_sasl_auth_enable=yes # -o smtpd_reject_unlisted_recipient=no # -o smtpd_client_restrictions=$mua_client_restrictions # -o smtpd_helo_restrictions=$mua_helo_restrictions # -o smtpd_sender_restrictions=$mua_sender_restrictions # -o smtpd_recipient_restrictions= # -o smtpd_relay_restrictions=permit_sasl_authenticated,reject # -o milter_macro_daemon_name=ORIGINATING Thanks. ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: question for a directive in master.cf
If you want to enable them, you have to uncomment ALL lines for submission service to work correctly. That's good idea. Thanks Rafa. ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: question for a directive in master.cf
Dnia 21.06.2024 o godz. 07:54:40 Jeff Peng via Postfix-users pisze: > for these options for submission in master.cf: > > submission inet n - y - - smtpd > # -o syslog_name=postfix/submission > # -o smtpd_tls_security_level=encrypt > -o smtpd_sasl_auth_enable=yes > # -o smtpd_tls_auth_only=yes > # -o smtpd_reject_unlisted_recipient=no > # -o smtpd_client_restrictions=$mua_client_restrictions > # -o smtpd_helo_restrictions=$mua_helo_restrictions > # -o smtpd_sender_restrictions=$mua_sender_restrictions > # -o smtpd_recipient_restrictions= > # -o smtpd_relay_restrictions=permit_sasl_authenticated,reject > # -o milter_macro_daemon_name=ORIGINATING > > Since "-o smtpd_sasl_auth_enable=yes" specify smtpd_sasl_auth_enable > default enabled. Why I have to uncomment it out to make it become > alive? These commented out directives in master.cf are NOT defaults. They are commented out because by default, submission services are NOT enabled at all. If you want to enable them, you have to uncomment ALL lines for submission service to work correctly. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her daddy in the Bathtub." ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: question for a directive in master.cf
The default value is "no", as expected. $ postconf -d smtpd_sasl_auth_enable smtpd_sasl_auth_enable = no Best practice is to enable SASL auth only on the submission ports and NOT on port 25. I have changed the setting for submission to: submission inet n - y - - smtpd # -o syslog_name=postfix/submission -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_tls_auth_only=yes -o smtpd_relay_restrictions=permit_sasl_authenticated,reject Thanks Victor. regards. ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: question for a directive in master.cf
On Fri, Jun 21, 2024 at 07:54:40AM +0800, Jeff Peng via Postfix-users wrote: > Hello > > for these options for submission in master.cf: > > submission inet n - y - - smtpd > # -o syslog_name=postfix/submission > # -o smtpd_tls_security_level=encrypt > -o smtpd_sasl_auth_enable=yes > # -o smtpd_tls_auth_only=yes > # -o smtpd_reject_unlisted_recipient=no > # -o smtpd_client_restrictions=$mua_client_restrictions > # -o smtpd_helo_restrictions=$mua_helo_restrictions > # -o smtpd_sender_restrictions=$mua_sender_restrictions > # -o smtpd_recipient_restrictions= > # -o smtpd_relay_restrictions=permit_sasl_authenticated,reject > # -o milter_macro_daemon_name=ORIGINATING > > Since "-o smtpd_sasl_auth_enable=yes" specify smtpd_sasl_auth_enable default > enabled. Why I have to uncomment it out to make it become alive? The default value is "no", as expected. $ postconf -d smtpd_sasl_auth_enable smtpd_sasl_auth_enable = no Best practice is to enable SASL auth only on the submission ports and NOT on port 25. -- Viktor. ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org