246557Re: permit_sasl_authenticated ONLY from one interface
- Dec 1, 2008mouss wrote:
> Simone Felici a écrit :(discarding starttls may be too much, but OP can decide for
>> mouss ha scritto:
>>> Simone Felici a écrit :
>>>> Why? Uhm, dunno...
>>>> It seems certain mailclients has Autenticated smtp enabled as default
>>>> and if the client found the smtp server support it, then it try to send
>>>> in auth. This return an error, due inappropriate settings of the client.
>>> if you know their IPs, you can use
>> this could be a solution... but haven't find any example or documation
>> to try it.
>> Could you pount me at any example?
> make sure to read:
> == discard_ehlo
> 10.1.2.3 starttls, auth, silent-discard
> (silent-discard prevents postfix from logging this "keyword discard"
I think this is even easier:
The simplest form of this is:
smtpd_sasl_exceptions_networks = $mynetworks
>> The initial problem was:The behavior you describe is the standard settings:
>> I've an SMTP server for customers, with standard smtp open only from a
>> range of IPs.
>> Could I provide normal smtp service for customers of a range of known IP
>> (like now) and open my server to all the world for smtp service but ONLY
>> if autenthicated smtp i sused?
>> Is the MUA with an IP of my customers?
>> YES: It can send without any authentication.
>> NO: It can send ONLY it a user/pass is provided.
... other restrictions ...
You only need to make special arrangements such as mouss and I
describe when you don't want to ever offer AUTH to local
clients. Offering AUTH to everyone does not present a problem
to the vast majority of clients.
- << Previous post in topic Next post in topic >>