Hi, Mikko Toivola wrote: > I've configured such a system myself, it's no biggie really, since you > already have set up sasl & stuff. You don't have to set up any > "duplicate" -systems, just configure your postfix to allow relaying if > user is authenticated, that's basically it. My postfix is also set up to > listen SMTP/SSL TCP-port (465), since my ISP is blocking port-25 > connections to anywhere else than their own mailserver (found that out > after hours of debugging). TLS works on port 25, so it's possible to use > that also, port 465 is strictly SSL. Blocking port-25 access seems to be > quite common nowadays (due to viruses & spam), so I've told everyone > just use port 465 and SSL (oh, and that's the only secure-smtp apple > mail understands). I can post critical parts of postfix configs later > on, now i'm in a bit of a horry. Net is also full of tutorials for this, > just google for "postfix sasl authentication", it's not that uncommon > setup.
FWIW, port 587 is the standard for mail submission. I have that set up with SMTP AUTH and TLS. In /etc/postfix/master.cf: ----- submission inet n - n - - smtpd -o smtpd_etrn_restrictions=reject -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject and for SSL ----- smtps inet n - n - 50 smtpd -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes In /etc/services (somewhere): ----- submission 587/tcp # Submission [RFC2476] submission 587/udp ssmtp 465/tcp smtps # SMTP over SSL hth, -- Bob _______________________________________________ This mailing list is hosted and supported by bit-heads GmbH | http://www.bit-heads.ch _______________________________________________ Web-cyradm mailing list [email protected] http://www.web-cyradm.org/mailman/listinfo/web-cyradm
