On Wed, Apr 21, 2010 at 09:49:49PM -0500, Noel Jones wrote:
> "submission" is commented out in the default postfix config because
> a relatively small subset of folks using postfix need it, and it's
> not nice to open ports not needed.
I would say that the subset is (or will soon be) a majority of sites,
given the widespread blocking of port 25 for end users. However, as a
default, it would not make sense to enable submission, because it
relies on external software to provide SASL AUTH. Postfix is designed
to work stand-alone, out of the box.
In another part of this thread, the OP mentioned having read that
"smtpd_delay_reject = no" was a good idea. Much thought has gone into
Postfix default settings. Sometimes these defaults need to be changed
for a site, but the best thing to do is to consult the documentation
and find what the reasoning was for the default setting. The default
smtpd_delay_reject=yes makes good sense in most cases. Inexperienced
people often think that getting rid of them at CONNECT is going to
save bandwidth, but there is no evidence to support this. It's just
as likely that poorly-coded spam clients are going to connect again
and keep trying. Penny wise, pound foolish.
--
Offlist mail to this address is discarded unless
"/dev/rob0" or "not-spam" is in Subject: header
