> On Mar 25, 2019, at 7:23 AM, VP Lists <[email protected]> wrote:
>
>>> smtpd_client_restrictions = permit_mynetworks permit_sasl_authenticated
>>> permit
>>
>> This is rather pointless.
Delete it, it serves no purpose.
>>> smtpd_recipient_restrictions = permit_sasl_authenticated permit_mynetworks
>>> reject unauthdestination permit
>>
>> This is rather busted.
>
> I don’t know why. This is how the package came.
No, it did not. It probably had:
smtpd_recipient_restrictions =
permit_sasl_authenticated,
permit_mynetworks,
reject_unauth_destination,
permit
what you have rejects all inbound email from outside senders.
>>> smtpd_tls_ciphers = medium
>>> smtpd_tls_exclude_ciphers = SSLv2, aNULL, ADH, eNULL
>>
>> The default settings are better.
>
> These are the defaults it came with.
Take the defaults from a more recent release:
# Remove this from main.cf, taking the empty default
smtpd_tls_exclude_ciphers =
# Add these:
smtpd_tls_ciphers = medium
smtpd_tls_protocols = !SSLv2, !SSLv3
smtp_tls_ciphers = medium
smtp_tls_protocols = !SSLv2, !SSLv3
As for why "mynetworks" is not enough, perhaps time to look
at your master.cf file...
--
Viktor.
