On 24/05/2024 03:15, Peter via Postfix-users wrote:
No you definately should disable auth on port 25 regardless. It is
possible for postscreen to pass a connection to smtpd and smtpd can
*then* offer auth.
To answer your original question, you can just set -o
smtpd_sasl_auth_enable=no in master.cf but it has to be on the smtpd
service, not on postscreen. That said, I recommend not setting
smtpd_sasl_auth_enable in main.cf and instead explicitly set it on
your submission and/or submissions service in master.cf instead.
When it comes to things like this it is generally better to default
to off and explicitly turn on rather than default to on and
explicitly turn off.
On 24.05.24 10:51, Allen Coates via Postfix-users wrote:
Many moons ago I was told to put "smtpd_sasl_auth_enable=no" in
main.cf, blocking the function everywhere, and then put "-o
smtpd_sasl_auth_enable=yes" in the submission stanza(s) in master.cf,
expressly enabling it *just* there.
smtpd_sasl_auth_enable it "no" by default, but OP may have it enabled by
having "smtpd_sasl_auth_enable=yes" in main.cf
If OP does not need SASL on port 25 (clients should use 465/587), it's
better to disable it.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Support bacteria - they're the only culture some people have.
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
