Viktor Dukhovni wrote: > On Fri, Jan 30, 2015 at 05:27:59AM +0000, srach wrote: > >>>> ?1. Know for sure that the relay mail comes from the #1 server.? A added >>>> header can be made fake so I look for a better way that is not possible to >>>> fake. >> >>> Restrict access to the non-default port via TLS client certs or SASL. > > And I often find it easier to configure client certs, no SASL or > PAM configuration nightmares. :-)
+1 It's one of the rare cases where something is more secure and less headache. Ciao, Michael.
smime.p7s
Description: S/MIME Cryptographic Signature
