On 12/9/2011 10:04 AM, Charles Marcus wrote: > On 2011-12-09 10:07 AM, Grant <emailgr...@gmail.com> wrote: >>> master.cf: >>> >>> submission inet n - n - - smtpd >>> -o smtpd_sasl_auth_enable=yes >>> -o >>> smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject >>> > > You should also have: > > smtpd_tls_security_level=encrypt > > for the submission service... >
Normally yes, but OP is using submission for unencrypted, unauthenticated local mail. I also suggested he explicitly set -o smtpd_tls_auth_only=yes and add reject_plaintext_session, but apparently he knows better. -- Noel Jones
