Hi,
Thanks for your replies. I know how to allow relay by its IP address but I'm 
just afraid that it would be easy to fake an up address and use my server as a 
spam relay. I would prefer to combine this with some form of authentication. 
Would you happen to know a good manual for setting up SASL authentication or a 
client certificate?

Thanks!
Lucas

Viktor Dukhovni <postfix-us...@dukhovni.org> schreef:

>On Thu, Apr 18, 2013 at 04:31:41PM +0200, L.W. van Braam van Vloten
>wrote:
>
>> Could you please advise what would be the preferred, secure approach
>to
>> achieve this?
>
>When you say "secure", what security mechanisms are acceptable?  You
>could operate a TLS protected submission service that the other host
>can reach via suitable SASL credentials or a TLS client certificate.
>
>Or as Ralf suggests you could just allow it to relay by its IP
>address.  IP addresses change from time to time, but key management
>is not a bed of roses either.
>
>-- 
>       Viktor.

-- 
Verzonden van mijn Android telefoon met K-9 Mail.

Reply via email to