postfix settings seem to have changed

Discussion in 'HOWTO-Related Questions' started by gobrien, Jul 4, 2013.

  1. gobrien

    gobrien New Member

    I'm using The Perfect Server - Ubuntu 12.04 LTS (Apache2, BIND, Dovecot, ISPConfig 3) - Page 4 and the values in /etc/postfix/master.cf are no longer as shown in the document. They were last week on my dry run, but now (for the main event) they are different.

    Any update on which of these to uncomment (in addition to the ones that remain the same as in the HOWTO) greatly appreciated.

    Gareth.

    Code:
    #tlsproxy  unix  -       -       -       -       0       tlsproxy
    submission inet n       -       -       -       -       smtpd
      -o syslog_name=postfix/submission
      -o smtpd_tls_security_level=encrypt
      -o smtpd_sasl_auth_enable=yes
    #  -o smtpd_reject_unlisted_recipient=no
    #  -o smtpd_client_restrictions=$mua_client_restrictions
    #  -o smtpd_helo_restrictions=$mua_helo_restrictions
    #  -o smtpd_sender_restrictions=$mua_sender_restrictions
    #  -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
    #  -o milter_macro_daemon_name=ORIGINATING
    smtps     inet  n       -       -       -       -       smtpd
      -o syslog_name=postfix/smtps
      -o smtpd_tls_wrappermode=yes
      -o smtpd_sasl_auth_enable=yes
    #  -o smtpd_reject_unlisted_recipient=no
    #  -o smtpd_client_restrictions=$mua_client_restrictions
    #  -o smtpd_helo_restrictions=$mua_helo_restrictions
    #  -o smtpd_sender_restrictions=$mua_sender_restrictions
    #  -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
    #  -o milter_macro_daemon_name=ORIGINATING
     
  2. till

    till Super Moderator Howtoforge Staff HowtoForge Supporter ISPConfig Developer

    Your above example is ok. If you want to disallow normal mail deliveries from other servers over smtps and submission port, then you can also uncomment the line:

    -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject

    so these ports will only accept emails after the serbder authenticated itself. If you leve it as it is at the moment (whic is ok), these ports will behave like port 25 (accept emails for local mailboxes without authentication and require authentication for relaying).
     
  3. gobrien

    gobrien New Member

    Thanks Till!
     

Share This Page