On Fri, Jan 08, 2010 at 08:37:16AM -0500, Shaun T. Erickson wrote:
> Yes, this is what is shown in the SASL Howto and how I have had
> my server's submission port configured in the past.
>
> However, in the 2.6.2 postfix distribution I'm trying to configure
> now, the default definition of the submission port uses the same
> restrictions, but it applies them to the smtpd_CLIENT_restrictions
> parameter, NOT the smtpd_RECIPIENT_restrictions parameter. I'm
> trying to understand if that is just a typo in master.cf or if the
> change is legit and, if so, why.
Here's the example to which you refer:
#submission inet n - n - - smtpd
# -o smtpd_tls_security_level=encrypt
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_client_restrictions=permit_sasl_authenticated,reject
If you have already configured your smtpd_recipient_restrictions in
main.cf to allow SASL AUTH, this example does indeed work. It's
probably not a typo, but I agree, it can be confusing. Why do this
with smtpd_client_restrictions, and yet assume that you didn't have
smtpd_sasl_auth_enable=yes in main.cf already?
One thing I have learned in my years on this list: Wietse usually has
a reason, which might have been beyond my ability to understand. :)
--
Offlist mail to this address is discarded unless
"/dev/rob0" or "not-spam" is in Subject: header
