Gerben Wierda via Postfix-users:
> Now, the only thing I would like to add - if possible - is to use
> this only for smtp traffic coming from outside on port 25 and not
> from inside or port submission, such that internal senders may use
> the simple [email protected] form but outside port 25 users may
> not.
If you mean submission service (port 587), use the one in the
stock master.cf file:
master.cf:
submission inet n - n - - smtpd
-o syslog_name=postfix/submission
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_tls_auth_only=yes
-o local_header_rewrite_clients=static:all
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_relay_restrictions=
-o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING
smtpd .. .. .. .. .. smtpd
# no -o name=value
main.cf:
smtpd_recipient_restrictions = ... first.last check...
If you mean submission via port 25, don't use the same
smtpd serive for internal ane external.
> And then I set it to drop so they can't get the backscatter
> to my user via my backup SMTP service (which is part of the actual
> 'problem' I'm trying to solve).
I suppose that the backup MX doesn't (also) provide submission serice.
Wietse
_______________________________________________
Postfix-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
