I'm soliciting comments on having ISPConfig manage the submission and smtps services in /etc/postfix/master.cf. I am updating this merge request and find it would be very handy to set different smtpd_*_restrictions for smtpd on port 25 vs client submissions on port 465 and 587 - simple enough of a concept, and I'd be happy to discuss specific use cases (they all come down to having more restrictions for incoming mail from the public/internet than you apply to your authorized clients). Con: Right now ISPConfig manages other services which it adds to master.cf, but it doesn't manage nor setup submission nor smtps, that is all done manually according to Perfect Server guides; if ISPConfig were to begin managing those options, at minimum the Perfect Server guides would all need updated. Pro: Installation would be one step simpler, as users wouldn't have to manually enable those. Con: Most folks will have identical/simple options enabled, but surely some will have custom settings in use; if ISPConfig were to begin managing those options, it both could change those few users' settings unexpectedly, and there is currently no provision to override it (no conf-custom equivalent for individual customization). Likely settings ISPConfig manages could be merged with what exists, but inevitably there will be individual cases of overlap. Pro: Most folks would simply have improved mail handling for non-authenticated mail (a little less spam/junk, nothing revolutionary, and I have no numbers to even guess at how much). Con: Time requirements to develop/test. Pro: I don't know of a better alternative offhand, assuming ISPConfig were implement certain measures in port 25. (Eg. you could make ISPConfig have a configuration option to enable something like fqdn check on port 25, but to enable that would require notifying users that they should change their own submission/smtps to not require fqdn for authorized users - not a great process.) Thoughts/comments? Thanks...
i have just some smtpd_restriction_classes in smtpd_recipient_restrictions which can be disabled / enabled per mail-address (spf, rbl....). i'm not sure which additional paramters are set in my postfix-configs and if they change the default-settings from postfix (usually, i don't touch them and they are in use for a few years ).
Basically we have the new official auto-installer (which is nearly finished or it was finished but needs some adjustments again due to availability of PHP 7.4), which does the changes in master.cf. https://git.ispconfig.org/ispconfig/ispconfig-autoinstaller So not sure if we should put that function into ISPConfig installer itself as it probably would break a lot of existing setups, at least those where users manually adjusted master.cf settings in the past. Maybe it's better to make some plans on how master.cf shall get altered for a more advanced setup and then implement these changes in the auto installer?
you can use postconf, to change the master.cf, too. i think, we can uses this in the same way as the installer / updater changes the main.cf
