julienmalik
commented
9 years ago Backported in https://github.com/YunoHost/yunohost-config-postfix daily branch
Closed jeromelebleu closed 9 years ago
julienmalik
commented
9 years ago Backported in https://github.com/YunoHost/yunohost-config-postfix daily branch
julienmalik
commented
9 years ago Took the time to look into it and read the tutorial.
Just to confirm, I strongly support smtpd_tls_auth_only=yes. Better make everything we can to avoid users exposing their password, than support bad clients.
Update main configuration for TLS support and enable submission service (port 587) to allow only TLS connection on it - based on this tutorial.
I'm not sure about the _smtpd_tls_authonly since - as better explained here - it can be either a security risk or a non-compatibility issue with non-TLS clients... What's the most important? Since at the moment it's still possible to connect with SSL on the - yet depreciated - port 465.