This is part of what I plan to put on our new MTA (Postfix only) and MDA
(Postfix/Dovecot) servers.
Please tell me if I am doing anything foolish / dangerous.
My concern is whether I should put "permit_mynetworks" higher in the sender and
recipient restrictions.
smtpd_client_restrictions =
permit_mynetworks,
reject
smtpd_sender_restrictions =
reject_unlisted_sender, ( for MDA only )
reject_non_fqdn_sender,
reject_unknown_sender_domain,
permit_mynetworks,
reject
smtpd_recipient_restrictions =
reject_unknown_recipient_domain,
reject_non_fqdn_recipient,
permit_mynetworks,
reject
smtpd_relay_restrictions =
permit_mynetworks,
reject_unauth_destination,
reject
Thanks.
