Just so there is no misunderstanding: I am unhappy running an older version that is not updated with security fixes anymore and I had planned to upgrade before now (but not immediately when 10.8 came out as 10.8.0 Server was not what you say trustworthy. I skipped 10.7 server altogether because it is a disaster area.
I plan to upgrade asap to 10.8 server. For now, I came up with: smtpd_client_restrictions = permit_mynetworks permit_sasl_authenticated check_client_access hash:/etc/postfix/whitelist_mtaclientdomains reject_rbl_client zen.spamhaus.org permit smtpd_recipient_restrictions = permit_sasl_authenticated permit_mynetworks reject_unauth_destination check_client_access hash:/etc/postfix/whitelist_mtaclientdomains check_policy_service unix:private/policy permit Which makes sure some clients are permitted before they end up in either RBL or Policy. Just for you more experienced people: is this OK? Does macports overwrite what Apple has provided or does it have its own separate tree (like fink used to have, which means you get another job that is: keeping the second tree up to date)? G On 2 Feb 2013, at 20:36, James Griffin wrote: > --> Gerben Wierda <gerben.wie...@rna.nl> [2013-02-02 19:37:41 +0100]: > >> Actually, I'm still on /usr/libexec/postfix/greylist.pl >> as I am using Mac OS X Server 10.6.8 and I haven't dared to upgrade >> to a higher version of OS X Server as they were busy crippling it >> in many respects. > > It's actually very easy to upgrade your Postfix installation by > compiling the source code. I have needed to do it numerous times, > it's worth getting into the habit of upgrading in this way if you're > using internet servers. > > You can also use the Macports system. It will provide a way for you > to use the newer Macports Postfix and stop the Apple installed > Postfix using launchctl. It's all automated and practically idiot > proof. > > > -- > Primary Key: 4096R/1D31DC38 2011-12-03 > Key Fingerprint: A4B9 E875 A18C 6E11 F46D B788 BEE6 1251 1D31 DC38
