On 4/7/2011 1:50 PM, Gábor Lénárt wrote:
On Thu, Apr 07, 2011 at 02:40:09PM -0400, Victor Duchovni wrote:
For submission:
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject
Then feel free to implement other checks in the sender restrictions if
that's easier to understand.
That's OK, but I have different level of HELO checks for SASL and "IP"
authenticated users. For sasl authenticated there are no checks (MUAs are
not famous to send meaningful HELO/EHLO names as I can say at least) but
MTAs which are allowed to relay through this server have more stricter
rules, that's why I am implemented it that way.
Authorized is authorized; don't put an authorized IP through
extra hoops just to see if they can configure a mail server
properly.
And I wanted to do this as
early as possible (so at sender), to match to the old system. But never
mind, I am starting to feel that it's useless to think this much, and
simplier and more managable config is a nicer solution anyway. Thanks for
your answers again!
Start with a simple, conventional configuration. Don't
pre-optimize yourself into an unmanageable installation.
-- Noel Jones
