On Sat, Nov 19, 2016 at 01:33:34PM -0600, /dev/rob0 wrote: > A much simpler and better way to do this and to force the use of > submission for your clients is to change the default on port 25, > and to override relay restrictions in master.cf for submission, > port 587: > > main.cf : > > [ ... ] > mua_relay_restrictions = > check_sender_access <some-lookup-or-query-file>, reject > smtpd_relay_restrictions = reject_unauth_destination > [ ... ] > > master.cf : > > [ ... ] > submission [ ... ] smtpd > -o smtpd_relay_restrictions=$mua_relay_restrictions > [ -o to unset any other restrictions in use, plus the ones > which are found in the sample master.cf submission entry ] > [ ... ]
Sorry, I forgot to mention that the check_sender_access lookup should return "permit_sasl_authenticated" for any of your own domains or addresses. Without that "minor" detail things could be very bad. :) -- http://rob0.nodns4.us/ Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
