On Wed, 19 Jun 2024 at 03:57, Viktor Dukhovni via Postfix-users < [email protected]> wrote:
> On Tue, Jun 18, 2024 at 04:15:33PM -0500, Cody Millard via Postfix-users > wrote: > > > The defaults for those settings, as far as postfix is concerned, are as > > follows: > > > > smtpd_tls_auth_only = no > > Why? Surely, "yes" is the better choice... You need to set this to "yes" if you plan to have accounts sending mail out through your mail server. Because that's potentially a security risk, Postfix doesn't set this to "yes" by default. As to smtpd_tls_security_level, you are right that (for port 25 smtp) it is better as "may", but the reason the default is none is that you will need to set up TLS certificate first, which isn't in the scope of what Postfix does. So that's why it sets none as the default.
_______________________________________________ Postfix-users mailing list -- [email protected] To unsubscribe send an email to [email protected]
