On Tue, Jan 29, 2013 at 12:22:35PM +0100, M. Fioretti wrote: > of course, any comment on this is still welcome, as well as on any > weakness in my server postconf -n output.
The original issue was to be able to relay from a dynamic residential IP address on your server. Your solution, adding the dynamic IP to mynetworks, is less than ideal in many ways. For one thing, it's a high-maintenance solution, where you must change mynetworks with every IP address change. For another, what if you don't get to it? What if the new owner of your previous IP address is running malware with an open relay tester? What if that malware finds you? Ouch! The standard solution is SASL AUTH (typically also requiring TLS encryption for security.) This is covered here: http://www.postfix.org/SOHO_README.html#client_sasl_enable A less common, but very good, solution is TLS authentication, which is covered here: http://www.postfix.org/TLS_README.html#server_access If you don't want to get into all that, you can use a VPN like openvpn to make a tunnel through which to send your mail, and add your tunnel IP address to mynetworks. -- http://rob0.nodns4.us/ -- system administration and consulting Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
