On 12/16/2011 8:49 AM, Wietse Venema wrote: > Wietse Venema: >> Stan Hoeppner: >>> On 12/15/2011 8:19 AM, /dev/rob0 wrote: >>> >>>> The old default of most MUAs to use port 25 was wrong, and it is now >>>> coming back to haunt you. That said, you have workarounds: >>>> >>>> - Use a different IP address for port 25 MX and submission mail >>> >>> If *all* your MUAs submitting to TCP 25 are on a known internal subnet, >>> such as corporate network desktops, the fix is even easier as it >>> requires no MUA reconfiguration. The following assuming your Postfix >>> server is Linux. >> >> [iptables] >> >> Or simply list the clients in mynetworks. > > No, this redirects client from the MTA port (with postscreen) > to the MUA port (with submission service). > > Wietse
You've confused me now Wietse. Is the iptables redirect to a submission port 'better' in this case, or simply plugging the subnet into mynetworks? Does using mynetworks on standard TCP 25 cause clients to bypass postscreen or no? -- Stan
