On 06/15/2018 05:44 PM, J Doe wrote:
Jun 15 18:39:23.422 [8422] dbg: config: trusted_networks
are not configured; it is recommended that you configure
trusted_networks manually
My question is:
— Should I manually set trusted_networks to have the IP address
of the host it is running on and ignore the warning from --lint
or …
— Should I not set trusted_networks and ignore the warning from
--debug ?
On 16.06.18 06:33, David Jones wrote:
internal_networks should be any RFC 1918 networks that your mail
server sees plus any public networks that are in your control.
On 06/16/2018 09:37 AM, Matus UHLAR - fantomas wrote:
no. only servers that deliver mail to you, as your MX servers or other
mailservers directly within your organization should be in
internal_networks.
On 16.06.18 10:12, David Jones wrote:
That is basically the same thing worded a little differently. If you
have an internal mail relay and your SA server has a private IP on
it, then that will be an RFC 1918 IP or range in your
internal_networks.
the differences it that RFC1918 networks should NOT be listed in
internal_networks - only mail servers should be listed, no clients.
Mail with all Received headers of IPs within the internal_networks
will hit the ALL_TRUSTED rule.
ALL_TRUSTED uses trusted_networks, not internal_networks.
listing internal and external clients in trusted_networks is fine, but they
don't belong to internal_networks.
--
Matus UHLAR - fantomas, [email protected] ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Saving Private Ryan...
Private Ryan exists. Overwrite? (Y/N)
