On Wed, Jan 12, 2022 at 10:44:18AM -0500, Wietse Venema wrote: > Wietse Venema: > > Wietse: > > > I think it is a mistake to enforce Spamhaus for clients that connect > > > to port 578. Clients on port 25 must authenticate. > > Sorry, 25 should have been 578.
how to control rules for 587? Is that controlled by the submission init n - n - - smtpd ?? > > > Ruben Safir: > > > I agree, but I don't know how to control rules for 587? > > > How do I tell it to do something only on port 587? > > > > In the stock master.cf file: > > > > #submission inet n - n - - smtpd > > # -o syslog_name=postfix/submission > > # -o smtpd_tls_security_level=encrypt > > # -o smtpd_sasl_auth_enable=yes > > # -o smtpd_tls_auth_only=yes > > # -o smtpd_reject_unlisted_recipient=no > > # Instead of specifying complex smtpd_<xxx>_restrictions here, > > # specify "smtpd_<xxx>_restrictions=$mua_<xxx>_restrictions" > > # here, and specify mua_<xxx>_restrictions in main.cf (where > > # "<xxx>" is "client", "helo", "sender", "relay", or "recipient"). > > # -o smtpd_client_restrictions= > > # -o smtpd_helo_restrictions= > > # -o smtpd_sender_restrictions= > > # -o smtpd_relay_restrictions= > > # -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject > > # -o milter_macro_daemon_name=ORIGINATING > > > > Once the "#" is removed, the smtpd restrictions are: > > > > submission inet n - n - - smtpd > > ... > > -o smtpd_client_restrictions= > > -o smtpd_helo_restrictions= > > -o smtpd_sender_restrictions= > > -o smtpd_relay_restrictions= > > -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject > > ... > > > > Note that there are no DNSBL checks on the submission port. > > > > Wietse > > -- So many immigrant groups have swept through our town that Brooklyn, like Atlantis, reaches mythological proportions in the mind of the world - RI Safir 1998 http://www.mrbrklyn.com DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002 http://www.nylxs.com - Leadership Development in Free Software http://www2.mrbrklyn.com/resources - Unpublished Archive http://www.coinhangout.com - coins! http://www.brooklyn-living.com Being so tracked is for FARM ANIMALS and extermination camps, but incompatible with living as a free human being. -RI Safir 2013
