Hi, Thanks for your replies. I know how to allow relay by its IP address but I'm just afraid that it would be easy to fake an up address and use my server as a spam relay. I would prefer to combine this with some form of authentication. Would you happen to know a good manual for setting up SASL authentication or a client certificate?
Thanks! Lucas Viktor Dukhovni <postfix-us...@dukhovni.org> schreef: >On Thu, Apr 18, 2013 at 04:31:41PM +0200, L.W. van Braam van Vloten >wrote: > >> Could you please advise what would be the preferred, secure approach >to >> achieve this? > >When you say "secure", what security mechanisms are acceptable? You >could operate a TLS protected submission service that the other host >can reach via suitable SASL credentials or a TLS client certificate. > >Or as Ralf suggests you could just allow it to relay by its IP >address. IP addresses change from time to time, but key management >is not a bed of roses either. > >-- > Viktor. -- Verzonden van mijn Android telefoon met K-9 Mail.
