Loading ...
Sorry, an error occurred while loading the content.

Re: RBLs, submission port, and permit_sasl_authenticated

Expand Messages
  • Quanah Gibson-Mount
    --On Thursday, January 17, 2013 10:17 PM -0600 Noel Jones ... Hi Noel, Thanks again. There was a problem with my simple test script (it wasn t actually
    Message 1 of 12 , Jan 18, 2013
    • 0 Attachment
      --On Thursday, January 17, 2013 10:17 PM -0600 Noel Jones
      <njones@...> wrote:

      > On 1/17/2013 4:42 PM, Quanah Gibson-Mount wrote:
      >>
      >> With testing, I have the following for 465/submission. Thanks again
      >> for the pointers! I used reject_unauth_destination because with
      >> just "reject", some of my mail tests failed.
      >
      >
      > That implies you were sending unauthenticated mail to a local domain
      > via smtps. As a general rule, that's something you want to prevent
      > since it bypasses all your carefully crafted antispam controls. I
      > have seen a few attempts to deliver spammy-looking unauthenticated
      > mail via smtps/465, haven't noticed it on submission/587 (but never
      > really looked for it).
      >
      > So reject_unauth_destination is OK for testing, but for production I
      > would strongly suggest leaving it at reject.
      >
      > If you need to send unauthenticated mail over smtps/submission on an
      > ongoing basis, you can define a very limited -o mynetworks=...
      > setting and add permit_mynetworks before the reject.

      Hi Noel,

      Thanks again. There was a problem with my simple test script (it wasn't
      actually authenticating). I fixed that, and "reject" is definitely what I
      want.

      --Quanah

      --

      Quanah Gibson-Mount
      Sr. Member of Technical Staff
      Zimbra, Inc
      A Division of VMware, Inc.
      --------------------
      Zimbra :: the leader in open source messaging and collaboration
    Your message has been successfully submitted and would be delivered to recipients shortly.