On 08/11/2013 13:34, Timo Sirainen wrote:
Dovecot MTA isn’t intended to be run standalone, most likely it can only
deliver mails to Dovecot LMTP.
May I clarify? So Dovecot MTA might be for inbound SMTP only? Or
also for outbound SMTP? (From the feature list I'd assumed outbound,
as well.)
If also for outbound, we have thought to run inbound and outbound on
different servers, with the outbound server not listening to any
internet-capable ports, simply to reduce further the opportunity for
external access leading to spam generation (because any inbound access
could lead to privilege escalation due to some exploit, and alter the
ACLs, for example).
Running on separate servers would imply standalone (unless config data
is on NFS, perhaps).
Very supportive for the ideas listed, especially around email
authentication, and security.
Ron
