/dev/rob0:
> On Fri, Sep 28, 2012 at 07:41:22PM +0200, Michael Storz wrote:
> > > -- Noel Jones
> > >No, this is wrong. The new feature means you may *optionally*
> > >separate relay decisions from smtpd_recipient_restrictions,
> > >providing a little more safety and flexibility than currently
> > >available. It is not a major semantic change -- IMHO not a
> > >semantic change at all, just an added feature.
> >
> > You are right, if smtpd_relay_restrictions is empty and delayed
> > restrictions will only be evaluated in smtpd_recipient_restrictions
> > then there is no semantic change.
>
> IIUC it will not be possible to have smtpd_relay_restrictions empty.
> It will be a mandatory setting such as smtpd_recipient_restrictions
> is now. If smtpd_relay_restrictions is not defined, the default is
> used: "permit_mynetworks, permit_sasl_authenticated,
> reject_unauth_destination".
Only one of smtpd_relay_restrictions and smtpd_recipient_restrictions
has to provide relay authorization.
Sites can migrate to Postfix 2.10 by setting smtpd_relay_restrictions
to an empty value, so that Postfix works exactly as before.
This simplifies the user interface, documentation, and migration;
it minimizes the amount of new code and the likelihood of new bugs.
Wietse
