On 12/07/11 13:16, Grant wrote: > > Are you sure? I was using smtps like this: > > smtps inet n - n - - smtpd > -o smtpd_tls_wrappermode=yes > # -o smtpd_sasl_auth_enable=yes > # -o smtpd_client_restrictions=permit_sasl_authenticated,reject > # -o milter_macro_daemon_name=ORIGINATING > > but I should switch to the below?
Are all of your clients in mynetworks? If so, it doesn't really matter unless you want to prevent your own users from forging the envelope sender or "From:" address. This would enable SASL: > -o smtpd_sasl_auth_enable=yes This would allow authenticated users to relay, and reject everything else: > -o smtpd_client_restrictions=permit_sasl_authenticated,reject And this does nothing unless you use a filter and want to distinguish between incoming and outgoing mail: > -o milter_macro_daemon_name=ORIGINATING