On 5/13/2013 8:42 PM, Noel Jones wrote: > On 5/13/2013 6:34 PM, Steve Jenkins wrote: >> On Wed, May 1, 2013 at 5:14 AM, /dev/rob0 <r...@gmx.co.uk >> <mailto:r...@gmx.co.uk>> wrote: >> >> > >> > Here are my current entries: >> > >> > smtpd_recipient_restrictions = >> > permit_mynetworks, >> > permit_sasl_authenticated, >> >> I don't put these permit_* in global restrictions; I only apply them >> to submission via -o smtpd_relay_restrictions=... in master.cf >> <http://master.cf>. And >> that brings up another point: if you're using 2.10 you now have >> smtpd_relay_restrictions for relay control. >> >> >> First, thanks for the extremely insightful help, Rob. >> >> OK - I commented those two lines out of smtpd_recipient_restrictions >> as recommended, and added a new smtpd_relay_restrictions -o line to >> submission in master.cf <http://master.cf>. My submission now reads: >> >> submission inet n - n - - smtpd >> -o smtpd_tls_security_level=encrypt >> -o smtpd_sasl_auth_enable=yes >> -o smtpd_client_restrictions=permit_sasl_authenticated,reject >> -o milter_macro_daemon_name=ORIGINATING >> -o >> smtpd_relay_restrictions=permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination >> >> However, I get this when sending a message from my home desktop >> (connected via Comcast) via my personal Postfix server to my Gmail >> test address: > > Don't forget that all the other main.cf parameters are still in > effect on your "submission" entry; likely you're seeing unintended > spillover. > > I suggest setting ALL the smtpd_*_restrictions entries for > submission in master.cf so you don't have unexpected results. > > submission inet n - n - - smtpd > -o smtpd_tls_security_level=encrypt > -o smtpd_sasl_auth_enable=yes > -o milter_macro_daemon_name=ORIGINATING > -o smtpd_client_restrictions= > -o smtpd_helo_restrictions= > -o smtpd_sender_restrictions= > -o smtpd_recipient_restrictions= > -o smtpd_relay_restrictions=permit_sasl_authenticated,reject >
and don't forget -o smtpd_data_restrictions= -o smtpd_end_of_data_restrictions= > > > -- Noel Jones >