I'll try to answer myself.
As i see, the options "from local" and "for local" is the defaults, and can
be omitted?
So, the first match can be cut to
match action "mbox" ??
the my first question i have understood, if "from local" is the default,
than it will not work without "from any"
the second question was about "from any" in the 4th match. I see, if i try
to send email, i connect to egress, so this is not local, and will not
work. also i cant use "from "
and in trird match, mails from dkim proxy come to lo0, so they are
processed as local and the rule can be extended to:
match from local tag DKIM for any action "relay" am i right?
so the last question, can i limit mta to inet4 only?
ср, 31 окт. 2018 г. в 15:04, Илья Коскин :
> Hello list! Please look at my match-action definitions:
>
> action "mbox" mbox alias
> action "mda" mda "/usr/local/bin/procmail" alias
> action "relay" relay
> action "relay_dkim" relay host smtp://127.0.0.1:10027
>
> match for local action "mbox"
> match from any for domain action "mda"#2nd match
> match tag DKIM for any action "relay" #3rd match
> match auth from any for any action "relay_dkim" #4th match
>
> I have some questions about matches.
> 1) If I remove "from any" in the second match, smtpd will not accept any
> mail from internet. Why?
> 2) In the 4th match, again, without "from any" I can't send mail to
> anywhere. How can I know, where i need to use "from any" and where i don't?
> For example 3rd match work without "from any"
> 3) is this config comosed secure and correctly?
> maybe it is option to use
> match auth from for any action "relay_dkim" ?
> if this work, it can partially help to prevent spamming from compromised
> users.
>
> Also, is there any way to limit mta sending only from ipv4?
>
> Thank's!
>
>
