Dnia 18.05.2021 o godz. 11:45:53 post...@ptld.com pisze: > > Yes, and postfix X is not the MX server for the recipient domain. If > you didn't get the beginning of this thread, the purpose of postfix > X is to be only a submission service for dovecot/imap. I wouldn't > even use postfix if possible and let dovecot do the submission:587 > service however dovecot has no mechanisms for > reject_sender_login_mismatch. So i need postfix in the loop unless i > want to allow people to send spoofed from addresses.
If Postfix on server X is only for submission, then how does Postfix on server Y deliver mail to server X? Is this done using LMTP to Dovecot via TCP socket? Or do you just send the mail back from Postfix on server Y to Postfix on server X, which delivers it to users' mailboxes, where they are picked up by Dovecot? In the latter case you need Postfix on server X for delivery, not only for submission. In either case, I would suggest moving the submission service from server X to server Y. Then your problem of sending the mail to server Y would be solved automatically. You only need the Postfix submission service on server Y to authenticate remotely to Dovecot on server X, which can be done using TCP socket instead of UNIX socket for authentication. Then you can either leave Postfix on server X for delivery from server Y only, or get rid of Postfix completely and deliver mail from Y to X over LMTP. Of course you should protect the connection between server X and server Y so that only server Y can access the services on server X (iptables). -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her daddy in the Bathtub."
