On Mon, May 13, 2013 at 6:42 PM, Noel Jones <njo...@megan.vbhcs.org> wrote:
> On 5/13/2013 6:34 PM, Steve Jenkins wrote: > > On Wed, May 1, 2013 at 5:14 AM, /dev/rob0 <r...@gmx.co.uk > > <mailto:r...@gmx.co.uk>> wrote: > > > > > > > > Here are my current entries: > > > > > > smtpd_recipient_restrictions = > > > permit_mynetworks, > > > permit_sasl_authenticated, > > > > I don't put these permit_* in global restrictions; I only apply them > > to submission via -o smtpd_relay_restrictions=... in master.cf > > <http://master.cf>. And > > that brings up another point: if you're using 2.10 you now have > > smtpd_relay_restrictions for relay control. > > > > > > First, thanks for the extremely insightful help, Rob. > > > > OK - I commented those two lines out of smtpd_recipient_restrictions > > as recommended, and added a new smtpd_relay_restrictions -o line to > > submission in master.cf <http://master.cf>. My submission now reads: > > > > submission inet n - n - - smtpd > > -o smtpd_tls_security_level=encrypt > > -o smtpd_sasl_auth_enable=yes > > -o smtpd_client_restrictions=permit_sasl_authenticated,reject > > -o milter_macro_daemon_name=ORIGINATING > > -o > > > smtpd_relay_restrictions=permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination > > > > However, I get this when sending a message from my home desktop > > (connected via Comcast) via my personal Postfix server to my Gmail > > test address: > > Don't forget that all the other main.cf parameters are still in > effect on your "submission" entry; likely you're seeing unintended > spillover. > > I suggest setting ALL the smtpd_*_restrictions entries for > submission in master.cf so you don't have unexpected results. > > submission inet n - n - - smtpd > -o smtpd_tls_security_level=encrypt > -o smtpd_sasl_auth_enable=yes > -o milter_macro_daemon_name=ORIGINATING > -o smtpd_client_restrictions= > -o smtpd_helo_restrictions= > -o smtpd_sender_restrictions= > -o smtpd_recipient_restrictions= > -o smtpd_relay_restrictions=permit_sasl_authenticated,reject Hmm.. for some reason, I can't seem to get it to aceept my smtpd_relay_restrictions settings. In main.cf: smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination but the I get: # postconf -d | grep smtpd_relay smtpd_relay_restrictions = permit_mynetworks, reject_unauth_destination Any idea why my permit_sasl_authenticated is being ignored in favor of the default? SteveJ
