On 5/27/2017 8:05 AM, John Ankarström wrote: > To clarify my questions: > > - Am I correct in my assumptions about `smtp' and `submission'?
Yes, submission and smtpd both accept mail from the network using the same protocol and same executable, but with different settings. The expectation is that authorized clients will use submission, and the general internet will use smtpd. > - What restrictions should I use for `submission'? Typically there are few restrictions on submission other than checking to see if the client is authorized. The basic "permit_sasl_authenticated, reject" is generally appropriate, but some people add "permit_mynetworks" to allow relaying from authorized static IPs. > - Do the restrictions set in main.cf look good? (Through testing, The default permissions are safe, preventing open relay from unauthorized clients. Most people add additional anti-spam restrictions to the internet-facing smtp...smtpd service by adjusting the smtpd_*_restrictions parameters in main.cf, but leave the submission service unchanged. -- Noel Jones --- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus
