Am 09.07.2013 23:56, schrieb Jan P. Kessler: > > How can I configure my primary server to accept connections/mail from the > > secondary server but still refuse connections/mail from all other cable > > connections. > > I use TLS client certificates for these purposes* > > http://www.postfix.org/TLS_README.html > > * Not for backup to primary mx, but whenever I 'own' both sides of the > connection and one is behind a dynamic ip (soho server sends outgoing > mail via company relay, ...).
Please note that having a public MX behind a dynamic ip address may lead to situations where someone else gets your mail! I'm just thinking about setting up a honeypot postfix on my cable line at home ;).
