On Fri, Jan 08, 2010 at 08:37:16AM -0500, Shaun T. Erickson wrote: > Yes, this is what is shown in the SASL Howto and how I have had > my server's submission port configured in the past. > > However, in the 2.6.2 postfix distribution I'm trying to configure > now, the default definition of the submission port uses the same > restrictions, but it applies them to the smtpd_CLIENT_restrictions > parameter, NOT the smtpd_RECIPIENT_restrictions parameter. I'm > trying to understand if that is just a typo in master.cf or if the > change is legit and, if so, why.
Here's the example to which you refer: #submission inet n - n - - smtpd # -o smtpd_tls_security_level=encrypt # -o smtpd_sasl_auth_enable=yes # -o smtpd_client_restrictions=permit_sasl_authenticated,reject If you have already configured your smtpd_recipient_restrictions in main.cf to allow SASL AUTH, this example does indeed work. It's probably not a typo, but I agree, it can be confusing. Why do this with smtpd_client_restrictions, and yet assume that you didn't have smtpd_sasl_auth_enable=yes in main.cf already? One thing I have learned in my years on this list: Wietse usually has a reason, which might have been beyond my ability to understand. :) -- Offlist mail to this address is discarded unless "/dev/rob0" or "not-spam" is in Subject: header