I am configuring my Postfix server and would like to set an SASL authentication to avoid becoming a mail relay. The problem is that I read many different things and I am not always sure what to do.
My question is about the difference between the file main.cf and master.cf in the postfix directory. In my understanding, the rules specified in main.cf are global and using "-o something" in master.cf overwrite it for the specified service (smtp, smtpd...).
In my main.cf, to restrict the access to authenticated users, I put
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtpd_sasl_security_options = noplaintext,noanonymous
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth-client
So does it mean the redundant rule "smtpd_sasl_auth_enable=yes" in my master.cf is useless or does it mean the smtp service is not protected with sasl ? I use smtp (25) and smtps (465).
smtp inet n - - - - smtpd
smtps inet n - - - - smtpd
Also I use OpenDKIM to sign my messages. After testing, I had to put the rule "smtpd_milters = inet:127.0.0.1:12345" in both main.cf and master.cf (otherwise it doesn't work). Why is that ?
Thank you in advance