[TriLUG] Re: postfix question/problem
Glenn Hennessee
Glenn_Hennessee at ncsu.edu
Sat Sep 16 13:46:24 EDT 2006
Alan Porter wrote:
>
> You're locking out everyone outside of your own network.
>
>
> #--------------------------------------------------
> # INCOMING SMTP AUTHENTICATION --------------------
> #--------------------------------------------------
> # (MY USERS SENDING MAIL THROUGH ME)
> # (RANDOM MAIL SERVERS SENDING MAIL TO MY USERS)
> #--------------------------------------------------
>
> smtpd_sasl_auth_enable = yes
> smtpd_sasl_application_name = smtpd
> smtpd_sasl_security_options = noanonymous
> # (1) Accept mail from localhost (needed for Squirrelmail to work).
> # (2) Accept mail that is from an authenticated user and destined for
> anywhere.
> # (3) Reject mail for destinations that I am not in charge of (forwarder
> or final).
> # (4) Check the "greylist" which is maintained by the "postgrey" package.
> # (5) Accept anything else (mail where I am the forwarder or the final
> destination).
> # TODO - perhaps replace reject_unauth_destination with
> check_relay_domains ???
> smtpd_recipient_restrictions = permit_mynetworks
> permit_sasl_authenticated reject_unauth_destination check_policy_service
> inet:127.0.0.1:60000
> smtpd_sasl_local_domain = $myhostname
>
> #--------------------------------------------------
>
>
> You can forget about (4) and the "inet:127.0.0.1:60000" stuff.
> That's for greylisting.
>
>
> Alan
>
>
>
>
Thanks! that worked after I removed the part check_policy_service as
well as the inet:127.0.0.1. From what I found with google the check_* is
part of the greylisting as well. I'm much happier now.
glenn
--
Glenn Hennessee
Department of Chemistry
NC State University
Raleigh, NC 27606
Voice: (919) 515-2947 FAX: (919) 515-8909
Email: Glenn_Hennessee at ncsu.edu
More information about the TriLUG
mailing list