* Yassine Chaouche: > So the only thing that I need submission port for seems to be to force > TLS connexions, right ?
You already mentioned having different policies, so the possibilities are numerous. Having the dedicated submission port allows me to easily force encryption, force authentication (password, client certificates), limit users to certain sender domains, add DKIM signatures, to name just some examples. I can also flat out reject envelope senders foo@mydomain on port 25, add DNS BL/WL checks, various milters, etc. In my experience it is easier to configure (and understand) how your Postfix instances are operating when inbound and outbound emails are entering via separate ports. -Ralph
