On 2011-10-25 7:48 AM, Nikolaos Milas <nmi...@noa.gr> wrote:
*Question 1:*
Is it enough to uncomment (in /etc/postfix/master.cf):
#smtps inet n - n - - smtpd
# -o smtpd_tls_wrappermode=yes
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_client_restrictions=permit_sasl_authenticated,reject
... and open port 587 on the firewall?
No... this is the deprecated smtps port (smtp over ssl on port 465)...
You want to uncomment these lines:
submission inet n - n - - smtpd
-o smtpd_tls_security_level=encrypt
-o smtpd_tls_auth_only=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
*Question 2:*
If I don't use the -o smtpd_client_restrictions option, then
smtpd_client_restrictions from main.cf apply, or I must configure them
explicitly here?
You must explicitly configure them here since it is a separate service.
And:
*Question 3: *
Just to make sure! The above change (addition) should leave current
behavior on port 25 unaltered? Please confirm!
Yes...
--
Best regards,
Charles
