Wietse, I have been running Postfix for over 10 years now. I am pretty familiar with the general Postfix configurations and with chroot. I also keep all of the files in /var/spool/postfix up to date. I am fine with leaving it off. I just normally have it on for some additional security.
I have 3 other servers that seem to work just fine with smtpd chroot'ed. However, none of those 3 have any smtpd_client_restrictions. This server is the only one that has that configuration and the only one experiencing any problems. If it was a bug, I just wanted to make sure it was reported. Jim On May 8, 2012, at 4:19 PM, Wietse Venema wrote: > JDL: >> I have been working through a problem for the last couple of hours. >> >> If have the following set in main.cf >> >> smtpd_client_restrictions = reject_unknown_client_hostname >> >> and the smtpd is chroot'ed in master.cf >> >> smtpd pass - - y - - smtpd >> >> then every message gets rejected due to unknown hostname, despite >> the forward and reverse DNS records being correct. > > Some distributions turn on the Postfix chroot feature. I think this > is a mistake, because most people don't know how to make chroot work. > Just turn it off. chroot is for sites with unusual requirements. > > Wietse
