Loading ...
Sorry, an error occurred while loading the content.

Re: exclude 127.0.0.1 from smtpd_tls_auth_only = yes

Expand Messages
  • Pol Hallen
    Thanks all for replies :-) I use linux. So, what should be do? I m confused :-/ How clone submission service? thanks for help Pol
    Message 1 of 12 , Jul 6, 2013
    • 0 Attachment
      Thanks all for replies :-) I use linux.

      So, what should be do? I'm confused :-/

      How clone submission service?

      thanks for help

      Pol
    • lists@rhsoft.net
      ... * /etc/postfix.master.cf * copy the submission line * change submission to 127.0.0.1:588 * add -o smtpd_tls_auth_only = no as param * with -o
      Message 2 of 12 , Jul 6, 2013
      • 0 Attachment
        Am 06.07.2013 15:46, schrieb Pol Hallen:
        > Thanks all for replies :-) I use linux.
        >
        > So, what should be do? I'm confused :-/
        >
        > How clone submission service?

        * /etc/postfix.master.cf
        * copy the submission line
        * change "submission" to 127.0.0.1:588
        * add "-o smtpd_tls_auth_only = no" as param
        * with "-o smtpd_*=value" you can override any config param
        * configure the local client to use port 588 instead the normal 587
      • Viktor Dukhovni
        ... I already answered this question, in my original follow-up to Wietse s advice, which indeed works on Solaris, and various other systems, but not on Linux
        Message 3 of 12 , Jul 6, 2013
        • 0 Attachment
          On Sat, Jul 06, 2013 at 03:46:48PM +0200, Pol Hallen wrote:

          > So, what should be do? I'm confused :-/
          >
          > How clone submission service?

          I already answered this question, in my original follow-up to
          Wietse's advice, which indeed works on Solaris, and various other
          systems, but not on Linux where wildcard listeners preclude
          per-address listeners on the same port (otherwise an X11 server
          listening on port 6000 may be intercepted by rogue listeners that
          listen on port 6000 at each of the machine's actual interface
          addresses). So the Linux behaviour is actually sensible for a
          change :-)

          --
          Viktor.
        • Wietse Venema
          ... I don t buy that argument. If their purpose was to address rogue listeners, then they would have compared the UIDs that create the sockets. As it is now,
          Message 4 of 12 , Jul 6, 2013
          • 0 Attachment
            Viktor Dukhovni:
            > On Sat, Jul 06, 2013 at 03:46:48PM +0200, Pol Hallen wrote:
            >
            > > So, what should be do? I'm confused :-/
            > >
            > > How clone submission service?
            >
            > I already answered this question, in my original follow-up to
            > Wietse's advice, which indeed works on Solaris, and various other
            > systems, but not on Linux where wildcard listeners preclude
            > per-address listeners on the same port (otherwise an X11 server
            > listening on port 6000 may be intercepted by rogue listeners that
            > listen on port 6000 at each of the machine's actual interface
            > addresses). So the Linux behaviour is actually sensible for a
            > change :-)

            I don't buy that argument. If their purpose was to address rogue
            listeners, then they would have compared the UIDs that create the
            sockets.

            As it is now, no user, not even root, can override their own wildcard
            bind with a more specific bind. And that is a bug.

            Wietse
          • Pol Hallen
            ... thanks all for help! :-) I uncannily solved put may rather than encrypted Pol
            Message 5 of 12 , Jul 7, 2013
            • 0 Attachment
              > As it is now, no user, not even root, can override their own wildcard
              > bind with a more specific bind. And that is a bug.

              thanks all for help! :-)

              I uncannily solved put "may" rather than "encrypted"

              Pol
            Your message has been successfully submitted and would be delivered to recipients shortly.