On Wed, 19 Jun 2024 at 03:57, Viktor Dukhovni via Postfix-users < postfix-users@postfix.org> wrote:
> On Tue, Jun 18, 2024 at 04:15:33PM -0500, Cody Millard via Postfix-users > wrote: > > > The defaults for those settings, as far as postfix is concerned, are as > > follows: > > > > smtpd_tls_auth_only = no > > Why? Surely, "yes" is the better choice... You need to set this to "yes" if you plan to have accounts sending mail out through your mail server. Because that's potentially a security risk, Postfix doesn't set this to "yes" by default. As to smtpd_tls_security_level, you are right that (for port 25 smtp) it is better as "may", but the reason the default is none is that you will need to set up TLS certificate first, which isn't in the scope of what Postfix does. So that's why it sets none as the default.
_______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
