> On Apr 29, 2018, at 2:03 PM, Dominic Raferd <domi...@timedicer.co.uk> wrote:
>
> Thanks for the correction. Not sure how they were slipping past -
> maybe it was one of my permit_dnswl_client lines in
> smtpd_recipient_restrictions (which came before
> reject_unauth_destination), but am pleased that I am now stopping
> them.
Indeed that permit SHOULD NOT precede reject_unauth_destination if
the intent is to use the recipient restrictions also for relay
control (the traditional combined role).
It is good to see relay restrictions working as intended. The all
in one approach can be fragile.
--
Viktor.
