From 74f8113d8f492c212077cfecb1de11bdde240742 Mon Sep 17 00:00:00 2001 From: Aaron LI Date: Wed, 7 Mar 2018 11:45:47 +0800 Subject: mail/postfix: update $mynetworks_style and $relay_domains description --- roles/mail/templates/postfix/main.cf.j2 | 54 ++++++++------------------------- 1 file changed, 13 insertions(+), 41 deletions(-) (limited to 'roles') diff --git a/roles/mail/templates/postfix/main.cf.j2 b/roles/mail/templates/postfix/main.cf.j2 index 35093d9..ea0f9ec 100644 --- a/roles/mail/templates/postfix/main.cf.j2 +++ b/roles/mail/templates/postfix/main.cf.j2 @@ -173,50 +173,22 @@ mydestination = $myhostname, localhost.$mydomain, localhost # In particular, "trusted" SMTP clients are allowed to relay mail # through Postfix. See the 'smtpd_recipient_restrictions' parameter. # -# You can specify the list of "trusted" network addresses by hand -# or you can let Postfix do it for you (which is the default). -# -# By default (mynetworks_style = subnet), Postfix "trusts" SMTP -# clients in the same IP subnetworks as the local machine. -# -# Specify "mynetworks_style = class" when Postfix should "trust" SMTP -# clients in the same IP class A/B/C networks as the local machine. -# Don't do this with a dialup site - it would cause Postfix to "trust" -# your entire provider's network. Instead, specify an explicit -# mynetworks list by hand, as described below. -# -# Specify "mynetworks_style = host" when Postfix should "trust" -# only the local machine. +# * host: (default) trust only the local machine. +# * subnet: trust SMTP clients in the same IP subnetworks as the local +# machine. +# * class: trust SMTP clients in the same IP class A/B/C networks as +# the local machine. +# WARNING: Don't do this with a dial-up site - it would cause +# Postfix to "trust" your entire provider's network! Instead, +# specify an explicit mynetworks list by hand. # mynetworks_style = host -# The relay_domains parameter restricts what destinations this system will -# relay mail to. See the smtpd_recipient_restrictions description in -# postconf(5) for detailed information. -# -# By default, Postfix relays mail -# - from "trusted" clients (IP address matches $mynetworks) to any destination, -# - from "untrusted" clients to destinations that match $relay_domains or -# subdomains thereof, except addresses with sender-specified routing. -# The default relay_domains value is $mydestination. -# -# In addition to the above, the Postfix SMTP server by default accepts mail -# that Postfix is final destination for: -# - destinations that match $inet_interfaces or $proxy_interfaces, -# - destinations that match $mydestination -# - destinations that match $virtual_alias_domains, -# - destinations that match $virtual_mailbox_domains. -# These destinations do not need to be listed in $relay_domains. -# -# Specify a list of hosts or domains, /file/name patterns or type:name -# lookup tables, separated by commas and/or whitespace. Continue -# long lines by starting the next line with whitespace. A file name -# is replaced by its contents; a type:name table is matched when a -# (parent) domain appears as lookup key. -# -# NOTE: Postfix will not automatically forward mail for domains that -# list this system as their primary or backup MX host. See the -# permit_mx_backup restriction description in postconf(5). +# What destination domains (and subdomains thereof) this system will +# relay mail to, using the $relay_transport delivery. +# +# See also the description of "permit_auth_destination" and +# "reject_unauth_destination" SMTP recipient restrictions. # #relay_domains = $mydestination -- cgit v1.2.2