It seems a bit strange to have permit_sasl_authenticated used twice,
but apparently I have to include it as a recipient restriction (followed
by "reject") no matter what, because smtpd_recipient_restrictions is
required to include at least one of reject, defer, defer_if_permit, or
So . . . . If I understand how things work, the above *should* require
SASL authentication for anyone using my submission service (and also
require their login identity to correspond to their MAIL FROM: address
per reject_sender_login_mismatch) . . .
and assuming the user successfully authenticates, the destination
address should be accepted if it's local or something I relay to
(permit_auth_destination), *or* if it's not in the Spamhaus domain
blacklist. The second "permit_sasl_authenticated" appears to be
required in smtpd_recipient_restrictions, but since it succeeded in
the smtpd_sender_restrictions, it should succeed the second time too.
Does this look OK? Or is there some obscure pitfall I need to be