Hi, >>>> This is normal operation for a general-purpose mail server. Mail to >>>> local users can be received from anywhere (subject to spam >>>> controls). Only authorized users can relay to a third-party >>>> destinations. >>>> >>>> This is a typical setup for an internet-facing mail server. >>> >>> It's somewhat of an internal server, despite being connected to the >>> Internet. No one was ever supposed to connect to it directly, and >>> trying to convert everyone to SMTP Auth is going to be a challenge. >> >> The config for an internal server is pretty simple, something like >> >> smtpd_recipient_restrictions = >> check_client_access hash:/etc/postfix/allowed_clients >> check_client_access hash:/etc/postfix/pop-b-smtp >> # next line optional >> permit_mynetworks >> # finally, reject anything not explicitly allowed >> reject
I have two different threads going for two different servers (one a relay, one a mail store), so I don't want to make it confusing. This is for the mail store. Will this set of restrictions above prevent the standard Internet user who hasn't authenticated using pop-b-smtp from being able to send mail to the local recipients? That is what I'd like to be able to do. pop-b4-smtp is so old that I'm reluctant to continue to maintain it on the new system, but it may just be to my benefit instead of the difficulty with forcing SMTP Auth from the day the server goes live. Standard users on the Internet should not be mailing this server directly, so I'd like to either require pop-b4-smtp or SMTP Auth and otherwise reject mail outright. Shouldn't I just eliminate pop-b4-smtp in this day and age and require SMTP Auth? Thanks, Alex
