Submission clients bypass MYNETS policy
Alex
mysqlstudent at gmail.com
Tue Sep 20 21:30:20 CEST 2011
Hi,
>> in master.cf:
>>
>> submission inet n - n - - smtpd
>> -o smtpd_tls_security_level=encrypt
>> -o smtpd_sasl_auth_enable=yes
>> -o smtpd_client_restrictions=permit_sasl_authenticated,reject
>> -o receive_override_options=no_address_mappings
>> -o content_filter=smtp-amavis:[127.0.0.1]:10026
>
> You MAY be less strict on the TLS side. The submission RFC recommends TLS, but
> doesn't say it is mandatory. If you allow plaintext authentication mechanisms
> such as PLAIN or LOGIN, you should set "encrypt" as smtpd_tls_security_level.
> In any other case you can choose "may".
Thanks very much for all your help. After I understood the data path
and how the data got from the submission port to amavis, I figured it
out.
Thanks again,
Alex
More information about the amavis-users
mailing list