On Sun, Feb 01, 2015 at 07:07:42PM +0530, Vishal Agarwal wrote:
> bounce_queue_lifetime = 6h
> maximal_queue_lifetime = 1d
Too short. The RFC recommended time is 5 days. Don't set these
shorter than 2 days, allowing sites 1 day to notice a problem and
another day to fix it.
> message_size_limit = 1536000000
Do you really handle email messages that are
over 1GB in size?
> smtpd_recipient_limit = 50
This is wrong, RFC 821, 2821 and 5321 require at least 100. The
Postfix default is 1000.
> smtpd_recipient_restrictions = reject_non_fqdn_recipient, permit_mynetworks,
> reject_unlisted_recipient, reject_rbl_client zen.spamhaus.org
> reject_rbl_client relays.mailabuse.org reject_rbl_client sbl.spamhaus.org,
> permit
> smtpd_relay_restrictions =
> permit_sasl_authenticated,
> permit_mynetworks,
> reject_unauth_destination
> smtpd_sasl_auth_enable = yes
> smtpd_sasl_security_options = noanonymous
If outbound mail needs to require authentication provision a
submission service (MSA) on port 587, and set mynetworks to include
just the loopback address and perhaps a few peer MSAs that perform
the requisite authentication/authorization.
So in short your problem is that mynetworks allows too many clients.
Or you're testing from a client that should be allowed by IP address
alone, rather than from a client that needs to authenticate.
--
Viktor.
