J.P. Trosclair wrote, at 03/04/2009 05:01 PM: > I'll research the smtpd_tls_security_level option further. It didn't > present a problem until I started working on this specific feature with > the white lists. I have created another smtpd instance to forward white > listed domains to rather than trying to utilize the submission port. I > felt like I was over-complicating (because of archiving with *_bcc_maps > and duplicate mails) the functionality of the submission service and > thus headed down a bumpy road, maybe I'm wrong about this though. At the > same time the submission service seems like the ideal place to hand this > mail over to for final delivery since it's intended (for us) to allow > trusted clients to bypass filtering and spam checks.
Yes, it can be. For example, it's perfectly reasonable to include mynetworks in the submission port's smtpd_client_restrictions, then add whitelisted hosts to mynetworks. But this is really true only for hosts under your control, and not recommended for whitelisting whole external domains. For obvious reasons, it would be insane to add gmail.com to mynetworks. Unfortunately, your originally proposed solution weakens security for all clients using the submission port, including authenticating clients. A workaround is possible with these settings: -o smtpd_tls_security_level=may -o smtpd_tls_auth_only=yes But I would discourage this approach on the public submission port, as it's best to provide maximum security by encrypting all connections. When you must relax this restriction, add another port to master.cf that you can fine-tune for the intended purpose. This also allows you to apply firewall rules that would be inappropriate for a public submission service on port 587, enabling you to lock it down tightly.
