On 12/8/2011 2:49 PM, Grant wrote: > Is it alright to send on port 25 from Squirrelmail when it's on the > same machine as postfix?
OK, but not optimal. Better to leave on 465 to separate the traffic. > That way I can make 587 require TLS and > authentication but not require that local Squirrelmail encrypt or > authenticate. You can use SquirrelMail on 587. It doesn't work right now because of your smtpd_security_level=encrypt. You could change your submission restrictions to something like -o smtpd_security_level=may -o mynetworks=127.0.0.1 -o smtpd_tls_auth_only=yes -o smtpd_recipient_restrictions=permit_mynetworks,reject_plaintext_session,permit_sasl_authenticated,reject ... other stuff ... ie. allow localhost to submit mail plaintext with no auth; all others require STARTTLS and auth. -- Noel Jones
