• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 509
  • Last Modified:

Postfix - How do I set up a relay so that external users who are logged into the server can email outside the domain?

I didn't see any specific area to post Postfix questions so I hope that this is acceptable.

I have recently setup a postfix email server to replace the "old" sendmail server.  Everything appears to be working correct except that when a road warrior logs on to the postfix email serve from outside the building, he cannot send email out to anyone outside the company.

When I log on from insdie the firewall, I can send to local email address as well as outside.  The road warriors can receive their email and send to people within the company, but not outside (they use to be able to).

I believe that the problem is in the /etc/postfix/main.cf file.  There is an area in the file for relayhost.  I believe that it can be configured so that if a person from the outside can log on to the server and receive his email, he will be authorized to relay his email.  

Could someone tell me specifically what I need to do?


Tomorrow morning I need to get to work early and hopefully with your help, I'll be able to have this working before people show up.


Thank-you in advance.
0
CME-IT
Asked:
CME-IT
  • 27
  • 14
  • 2
  • +2
3 Solutions
 
DonConsolioCommented:
What your are looking for is "authenticated smtp"
check your postfix documentation for "smtpd_sasl_auth_enable = yes"

0
 
fajar79Commented:
enable smtp auth mechanisms, these are some settings that you may need to configure in your postfix to support smtp auth.

smtpd_sender_restrictions = reject_non_fqdn_sender permit_sasl_authenticated reject_unknown_sender_domain reject_unauth_pipelining permit

smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, reject_unauth_destination, reject_unlisted_recipient

smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain =

but firstly you need to install make sure your postfix support SASL and after that you'll need to install cyrus-sasl package.
0
 
CME-ITAuthor Commented:
I made all the changes that fajar79 suggested.  Everything is working as before, however the road warriors still cannot send emails.

0
Introducing Cloud Class® training courses

Tech changes fast. You can learn faster. That’s why we’re bringing professional training courses to Experts Exchange. With a subscription, you can access all the Cloud Class® courses to expand your education, prep for certifications, and get top-notch instructions.

 
Heem14Commented:
make sure your "road warriors" have set their mail client to send their username and password along with their smtp request. I've yet to come across a mail client that does not have this option available.
0
 
Cyclops3590Commented:
you need to make postfix aware of the cyrus-sasl as well.
Look at this previous question.
http://www.experts-exchange.com/Operating_Systems/Linux/Linux_Setup/Q_21798494.html
0
 
fajar79Commented:
here is the smtp banner when you type ehlo in your smtp server.

ehlo test
250-xxx.yyyyyyy.zzz
250-PIPELINING
250-SIZE 10240000
250-ETRN
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250 8BITMIME

if you don't see the AUTH banner there, i believe the the postfix sasl is not available, but if thereis, and you have setup the mailclient to send the username & password when sending email, but still failed, i think there is something wrong with the cyrus-sasl installation.
0
 
Cyclops3590Commented:
fajar79, that's just it, if you add the sasl lines in the config, then postfix thinks it has sasl auth capabilities.  you have to tell it what method to use, what password mechanisms are ok, etc.  And if you use the sasldb method, then you have to create a sasl account for each user needing to send email.  That is why a person should really use the saslauthd with shadow verification to authenticate.  Much easier.

The reason I think this is the problem is because it wasn't stated anywhere else that he did the rest of the steps outlined in the URL I posted.
0
 
CME-ITAuthor Commented:
At / while logged in as root on the mail server, I typed in ehlo and I got an error message:
command not found

I did make a change to the main.cf file.  I added the bosses home ip address to the mynetworks = line.

The boss can now email out, but I don't like this solution.  I still want to work on using SASL_AUTHMECH

I have created a directory /etc/postfix/sasl

I have created a file smtpd.conf  Does this file go in /etc/postfix or /etc/postfix/sasl   ?

I have edit the /etc/sysconfig/saslauthd file to include SASL_AUTHMECH="shadow"

Once I know that I have place the smtpd.conf file in the right place, should I restart the postfix service or is there something else that I need to do?

Thank-you

0
 
Cyclops3590Commented:
goes in /etc/postfix/sasl/

restart postfix and saslauthd, then you should be good

also, ehlo is a smtp command
from the command line type:
telnet <ip of server> 25
then you will be presented with your mail server banner, that is when you issue the ehlo command
0
 
CME-ITAuthor Commented:
I restarted postfix and saslauthd but I still have the same problem.  Is it possible that I do not have something set correctly in main.cf?

0
 
Cyclops3590Commented:
please post your main.cf and /etc/sysconfig/saslauthd and /etc/postfix/sasl/smtpd.conf
0
 
CME-ITAuthor Commented:
First I want to thank all of you for your help.  I can't say that enough.

Here are the files, I stripped out the comments, hopefully I didn't strip out something else.

# main.cf
command_directory = /usr/sbin

#
daemon_directory = /usr/libexec/postfix
#

myorigin = $mydomain

mydestination = mailhost.company.com $myhostname localhost.$mydomain $mydomain

#
local_recipient_maps = unix:passwd.byname $alias_maps

#
unknown_local_recipient_reject_code = 550

mynetworks = 71.x.x.x, 127.0.0.0/8

#
relay_domains = $mydestination

alias_maps = hash:/etc/aliases

mail_spool_directory = /var/spool/mail

#
debug_peer_level = 2

debugger_command =
       PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
       xxgdb $daemon_directory/$process_name $process_id & sleep 5
#
sendmail_path = /usr/sbin/sendmail.postfix

#
newaliases_path = /usr/bin/newaliases.postfix

mailq_path = /usr/bin/mailq.postfix

setgid_group = postdrop
#
html_directory = no

manpage_directory = /usr/share/man
#
sample_directory = /usr/share/doc/postfix-2.1.5/samples

readme_directory = /usr/share/doc/postfix-2.1.5/README_FILES

smtpd_sender_restrictions = reject_non_fqdn_sender permit_sasl_authenticated reject_unknown_sender_domain reject_unauth_pipelining permit

smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, reject_unauth_destination, reject_unlisted_recipient

smtpd_sasl_local_domain =

smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes

message_size_limit = 20971520
mailbox_size_limit = 104857600

delay_notice_recipient = bwilson@custom-mfg-eng.com
bounce_notice_recipient = bwilson@custom-mfg-eng.com
2bounce_notice_recipient = bwilson@custom-mfg-eng.com
error_notice_recipient = bwilson@custom-mfg-eng.com


 *********** /etc/sysconfg/saslauthd

SOCKETDIR=/var/run/saslauthd

MECH=pam

FLAGS=

SASL_AUTHMECH="shadow"

 *********** /etc/postfix/sasl/smtpd.conf file

mech_list: plain login
pwcheck_method: saslauthd
log_level:    3



0
 
Cyclops3590Commented:
main.cf - add the following
----------------------
smtpd_sasl_path = /etc/postfix/sasl

/etc/sysconfig/saslauthd - make contents the following
-------------------------------
SASL_AUTHMECH="shadow"
SASL_MECH_OPTIONS=
SASLAUTHD_OPTS=

make sure that the sasl directory and the smtpd.conf are owned by postfix.

also, do you run postfix chroot'd
basically post the contents of /etc/init.d/saslauthd so that we know that postfix has its own hardlink copy of the mux= socket file to saslauthd for authentication.
0
 
CME-ITAuthor Commented:
Both the sasl directory and the smtpd.conf are now owned by postfix

I do not understand <do you run postfix chroot'd>

here is the /etc/init.d/saslauthd file.

#! /bin/bash
#
# saslauthd      Start/Stop the SASL authentication daemon.
#
# chkconfig: - 95 05
# description: saslauthd is a server process which handles plaintext \
#              authentication requests on behalf of the cyrus-sasl library.
# processname: saslauthd

# Source function library.
. /etc/init.d/functions

# Source our configuration file for these variables.
SOCKETDIR=/var/run/saslauthd
MECH=shadow
FLAGS=
if [ -f /etc/sysconfig/saslauthd ] ; then
      . /etc/sysconfig/saslauthd
fi

RETVAL=0

# Set up some common variables before we launch into what might be
# considered boilerplate by now.
prog=saslauthd
path=/usr/sbin/saslauthd

# Ugh. Switch to a specific copy of saslauthd if there's one with $MECH
# in its name, in case it wasn't included in the base cyrus-sasl package
# because it would have dragged in too many undesirable dependencies.
if test -x ${path}.${MECH} ; then
      path=/usr/sbin/saslauthd.$MECH
fi

start() {
      echo -n $"Starting $prog: "
      daemon $path -m $SOCKETDIR -a $MECH $FLAGS
      RETVAL=$?
      echo
      [ $RETVAL -eq 0 ] && touch /var/lock/subsys/$prog
      return $RETVAL
}

stop() {
      echo -n $"Stopping $prog: "
      killproc $path
      RETVAL=$?
      echo
      [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/$prog
      return $RETVAL
}      

restart() {
        stop
      start
}      

case "$1" in
  start)
        start
      ;;
  stop)
        stop
      ;;
  restart)
        restart
      ;;
  status)
      status $path
      ;;
  condrestart)
        [ -f /var/lock/subsys/$prog ] && restart || :
      ;;
  *)
      echo $"Usage: $0 {start|stop|status|reload|restart|condrestart}"
      exit 1
esac

exit $?
0
 
Cyclops3590Commented:
look in your master.cf, there is a chroot column.  this basically means that if you run postfix chroot'd then even if it gets hacked, the hacker can't compromise the rest of your machine, only postfix's chroot jailed environment.

your saslauthd script doesn't create a hardlink.  I need to look thru mine and find exactly what it does and then I'll post again.
0
 
CME-ITAuthor Commented:
Here is my master.cf file.   I see the chroot column.  Do I need to change any of the settings?

Thank-you

#
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
smtp      inet  n       -       n       -       -       smtpd
smtps      inet      n      -      n      -      -      smtpd -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
submission      inet      n      -      n      -      -      smtpd -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes -o smtpd_etrn_restrictions=reject
#628      inet  n       -       n       -       -       qmqpd
pickup    fifo  n       -       n       60      1       pickup
cleanup   unix  n       -       n       -       0       cleanup
qmgr      fifo  n       -       n       300     1       qmgr
#qmgr     fifo  n       -       n       300     1       oqmgr
#tlsmgr   fifo  -       -       n       300     1       tlsmgr
rewrite   unix  -       -       n       -       -       trivial-rewrite
bounce    unix  -       -       n       -       0       bounce
defer     unix  -       -       n       -       0       bounce
trace     unix  -       -       n       -       0       bounce
verify    unix  -       -       n       -       1       verify
flush     unix  n       -       n       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
smtp      unix  -       -       n       -       -       smtp
relay     unix  -       -       n       -       -       smtp
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       n       -       -       showq
error     unix  -       -       n       -       -       error
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       n       -       -       lmtp
anvil     unix  -       -       n       -       1       anvil
#

#
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
#
# The Cyrus deliver program has changed incompatibly, multiple times.
#
old-cyrus unix  -       n       n       -       -       pipe
  flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m ${extension} ${user}

cyrus     unix  -       n       n       -       -       pipe
  user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m ${extension} ${user}
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient

0
 
Cyclops3590Commented:
nope

ok, lets try to see if it is actually working.  restart postfix and saslauthd, then try to send.
then look at the logs "/var/log/mail/info"
do
tail -10000 /var/log/mail/info | grep sasl
that should produce a line with the username you tried to authenticate as and some other sasl info
0
 
CME-ITAuthor Commented:
I am waiting for my tester to try to send a message from outside.  In the mean time, I looked for the /var/log/mail/info file.

The only thing in that directory is a file called statistics
0
 
CME-ITAuthor Commented:
My tester tried to send an email and it did not work.  

What should I try next?

Thanks
0
 
CME-ITAuthor Commented:
My tester is getting a

554 transaction failed

message.

I have been restarting Dovecot, Postfix, and saslauthd

Does it matter what order I restart them in?
0
 
Cyclops3590Commented:
dovecot is just the pop3/imap server so you can disregard that. and no, it doesn't matter, you just need to restart them to ensure that the daemons re-read the configs.

you can also look at /var/log/syslog and modify the previous command to do this
tail -10000 /var/log/syslog | grep postfix | grep sasl

what is the client of your remote test, also you can test it out yourself even though you are on one of the mynetworks because the logs should show the sasl_username line.  also change this line in the master.cf
smtp      inet  n       -       n       -       -       smtpd
to this
smtp      inet  n       -       n       -       -       smtpd -v -v

this will turn on verbose logging and show the smtp communication that is happening.  also, look in the /etc/syslog.conf to see where the mail logs are being stored if they even are broken off, there isn't any lines specifically saying mail, then the /var/log/syslog log file contains those logs.
0
 
CME-ITAuthor Commented:
I will make the change to the master.cf file as soon as I post this.

/var/log/maillog  output

mailhost postfix/smtpd[4062]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory

mailhost postfix/smtpd[4062]: 3ACC93F9107: client=unknown[192.x.x.x], sasl_method=PLAIN, sasl_username=xxxxxx
(this was one of our users who forgot his password)
0
 
CME-ITAuthor Commented:
I made the change to master.cf  

Do I need to restart it?  (How?) :(
0
 
Cyclops3590Commented:
/etc/init.d/postfix restart

before you do though, i think postfix is grabbing its sasl parameters from a different file than we want it to. you did put
smtpd_sasl_path = /etc/postfix/sasl
into the main.cf, correct?
0
 
CME-ITAuthor Commented:
let me check
0
 
CME-ITAuthor Commented:
I double checked and it is in the correct

0
 
Cyclops3590Commented:
what are the results of this:
find / -name smtpd.conf
0
 
CME-ITAuthor Commented:
/etc/postfix/sasl/smtpd.conf
/var/ftp/pub/smtpd.conf
/usr/lib/sasl2/smtpd.conf
/usr/lib/sasl/smtpd.conf
0
 
CME-ITAuthor Commented:
the /etc/postfix/sasl/smtpd.conf file has the changes that you recommended

The two /usr files are different.

the /var/ftp  is a copy of the /etc/postfix file

0
 
CME-ITAuthor Commented:
modified the two /usr files so that they are the same as /etc/postfix/sasl/smtpd.conf

I will be restarting postfix and running another test
0
 
CME-ITAuthor Commented:
I ran the test and I got the same error message
0
 
Cyclops3590Commented:
what do the logs say....and to go back to an earlier post, you did configure the client to say that your server requires authentication, right? what client are you using again
0
 
CME-ITAuthor Commented:

pop-before-smtp has been suggested to me.  Do any of you experts have any experiece with it?

Thank-you

0
 
Cyclops3590Commented:
Change
smtpd_sasl_local_domain =
to
smtpd_sasl_local_domain = $myhostname
0
 
CME-ITAuthor Commented:
I made the change and restarted postfix.  I will repost after I test
0
 
CME-ITAuthor Commented:
no change
0
 
Cyclops3590Commented:
can I see some output from the logs, also, your positive that the client is configured right, correct?
0
 
CME-ITAuthor Commented:
Here is the result of the maillog  The last entry is one of our people who apparently entered the wrong password.

May 24 09:02:31 mailhost postfix/smtpd[13808]: generic_checks: name=permit_sasl_authenticated
May 24 09:02:31 mailhost postfix/smtpd[13808]: generic_checks: name=permit_sasl_authenticated status=0
May 24 09:02:31 mailhost postfix/smtpd[13808]: generic_checks: name=permit_sasl_authenticated
May 24 09:02:31 mailhost postfix/smtpd[13808]: generic_checks: name=permit_sasl_authenticated status=0
May 24 09:02:38 mailhost postfix/smtpd[13886]: smtpd_sasl_authenticate: sasl_method PLAIN, init_response AHJicnVubwBwYXNzd29yZA==
May 24 09:02:38 mailhost postfix/smtpd[13886]: smtpd_sasl_authenticate: decoded initial response
May 24 09:02:38 mailhost postfix/smtpd[13886]: generic_checks: name=permit_sasl_authenticated
May 24 09:02:38 mailhost postfix/smtpd[13886]: generic_checks: name=permit_sasl_authenticated status=1
May 24 09:02:38 mailhost postfix/smtpd[13886]: generic_checks: name=permit_sasl_authenticated
May 24 09:02:38 mailhost postfix/smtpd[13886]: generic_checks: name=permit_sasl_authenticated status=1
May 24 09:02:38 mailhost postfix/smtpd[13886]: D27133F9115: client=unknown[192.x.x.x], sasl_method=PLAIN, sasl_username=name@mailhost.company.com
0
 
CME-ITAuthor Commented:
Today we used a different client that we did yesterday.  The client can logon to the mailserver and download their mail as well as send email to people internally.  Several diffenent people have mentioned that they cannot send emails out, but no one has mentioned that they cannot receive their emails from outside.  There have been no complaints about anything internally.
0
 
CME-ITAuthor Commented:
The client who was testing yesterday was able to relay emails when we added his ip to the file.  We did that as a test.  Afterwards we removed that ip.  We are going thru a firewall, but once again, when a specific ip was added, emails could be relayed.
0
 
CME-ITAuthor Commented:

in main.cf we had added a specific ip and that did work for that one person.  I noticed that the ip is still there.  could that be causing problems?  the line is listed below with the ip number replaced with x

mynetworks = 71.x.x.x, 127.0.0.0/8

0
 
Cyclops3590Commented:
can we get a little more of the logs, for mine a session looks like this



May 24 09:48:58 mail postfix/smtpd[3179]: dict_lookup: smtpd_recipient_restrictions = permit_mynetworks  permit_sasl_authenticated  reject_unauth_destination  check_helo_access pcre:/etc/postfix/helo_checks
May 24 09:48:58 mail postfix/smtpd[3179]: mac_parse: permit_mynetworks  permit_sasl_authenticated  reject_unauth_destination  check_helo_access pcre:/etc/postfix/helo_checks
May 24 09:48:58 mail postfix/smtpd[3179]: dict_eval: const  permit_mynetworks  permit_sasl_authenticated  reject_unauth_destination  check_helo_access pcre:/etc/postfix/helo_checks
May 24 09:48:58 mail postfix/smtpd[3179]: dict_lookup: smtpd_sasl_security_options = noanonymous
May 24 09:48:58 mail postfix/smtpd[3179]: dict_lookup: smtpd_sasl_application_name = (notfound)
May 24 09:48:58 mail postfix/smtpd[3179]: dict_update: smtpd_sasl_application_name = smtpd
May 24 09:48:58 mail postfix/smtpd[3179]: dict_lookup: smtpd_sasl_path = /etc/postfix/sasl:/usr/lib/sasl2
May 24 09:48:58 mail postfix/smtpd[3179]: mac_parse: /etc/postfix/sasl:/usr/lib/sasl2
May 24 09:48:58 mail postfix/smtpd[3179]: dict_eval: const  /etc/postfix/sasl:/usr/lib/sasl2
May 24 09:48:58 mail postfix/smtpd[3179]: dict_lookup: smtpd_sasl_local_domain = mail.satolabeling.com
May 24 09:48:58 mail postfix/smtpd[3179]: dict_lookup: smtpd_sasl_exceptions_networks = (notfound)
May 24 09:48:58 mail postfix/smtpd[3179]: dict_update: smtpd_sasl_exceptions_networks =
May 24 09:48:58 mail postfix/smtpd[3179]: dict_lookup: smtpd_sasl_tls_security_options = (notfound)
May 24 09:48:58 mail postfix/smtpd[3179]: mac_parse: $smtpd_sasl_security_options
May 24 09:48:58 mail postfix/smtpd[3179]: dict_lookup: smtpd_sasl_security_options = noanonymous
May 24 09:48:58 mail postfix/smtpd[3179]: dict_eval: expand $smtpd_sasl_security_options -> noanonymous
May 24 09:48:58 mail postfix/smtpd[3179]: dict_update: smtpd_sasl_tls_security_options = noanonymous
May 24 09:48:58 mail postfix/smtpd[3179]: dict_lookup: smtpd_sasl_auth_enable = yes
May 24 09:48:58 mail postfix/smtpd[3179]: dict_lookup: smtpd_sasl_authenticated_header = (notfound)
May 24 09:48:58 mail postfix/smtpd[3179]: dict_update: smtpd_sasl_authenticated_header = no
May 24 09:48:58 mail postfix/smtpd[3179]: dict_lookup: broken_sasl_auth_clients = yes
May 24 09:48:58 mail postfix/smtpd[3179]: smtpd_sasl_initialize: SASL config file is smtpd.conf
May 24 09:48:58 mail postfix/smtpd[3179]: SASL verifyfile conf: /etc/postfix/sasl/smtpd.conf
May 24 09:48:58 mail postfix/smtpd[3179]: SASL verifyfile plugin: /usr/lib/sasl2/libplain.so.2
May 24 09:48:58 mail postfix/smtpd[3179]: SASL verifyfile plugin: /usr/lib/sasl2/libdigestmd5.so.2
May 24 09:48:58 mail postfix/smtpd[3179]: SASL verifyfile plugin: /usr/lib/sasl2/liblogin.so.2
May 24 09:48:58 mail postfix/smtpd[3179]: SASL verifyfile plugin: /usr/lib/sasl2/libcrammd5.so.2
May 24 09:48:59 mail postfix/smtpd[3179]: generic_checks: name=permit_sasl_authenticated
May 24 09:48:59 mail postfix/smtpd[3179]: generic_checks: name=permit_sasl_authenticated status=0
May 24 09:48:59 mail postfix/smtpd[3179]: generic_checks: name=permit_sasl_authenticated
May 24 09:48:59 mail postfix/smtpd[3179]: generic_checks: name=permit_sasl_authenticated status=0
May 24 09:49:02 mail postfix/smtpd[3228]: A877ADEE67: client=X.X.X.X, sasl_method=LOGIN, sasl_username=user@mail.example.com

0
 
CME-ITAuthor Commented:
We are using dovecot.  This launches postfix (correct)

What launches saslauthd and should it be set to -a pam (or shadow or what?)

my log doesn't show what you are showing

0
 
CME-ITAuthor Commented:
does this help?

May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_lookup: smtpd_sender_restrictions = reject_non_fqdn_sender permit_sasl_authenticated reject_unknown_sender_domain reject_unauth_pipelining permit
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_eval[1] reject_non_fqdn_sender permit_sasl_authenticated reject_unknown_sender_domain reject_unauth_pipelining permit
May 24 10:27:20 mailhost postfix/smtpd[16571]: mac_parse: reject_non_fqdn_sender permit_sasl_authenticated reject_unknown_sender_domain reject_unauth_pipelining permit
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_eval_action: type literal buf reject_non_fqdn_sender permit_sasl_authenticated reject_unknown_sender_domain reject_unauth_pipelining permit context mail_dict "" recursive
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_eval[1] result reject_non_fqdn_sender permit_sasl_authenticated reject_unknown_sender_domain reject_unauth_pipelining permit
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_lookup: smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, reject_unauth_destination, reject_unlisted_recipient
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_eval[1] permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, reject_unauth_destination, reject_unlisted_recipient
May 24 10:27:20 mailhost postfix/smtpd[16571]: mac_parse: permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, reject_unauth_destination, reject_unlisted_recipient
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_eval_action: type literal buf permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, reject_unauth_destination, reject_unlisted_recipient context mail_dict "reject_non_fqdn_sender permit_sasl_authenticated reject_unknown_sender_domain reject_unauth_pipelining permit" recursive
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_eval[1] result permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, reject_unauth_destination, reject_unlisted_recipient
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_eval[1] result permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, reject_unauth_destination, reject_unlisted_recipient
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_lookup: smtpd_sasl_security_options = noanonymous
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_lookup: smtpd_sasl_application_name = (notfound)
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_update: smtpd_sasl_application_name = smtpd
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_lookup: smtpd_sasl_local_domain = $myhostname
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_lookup: smtpd_sasl_exceptions_networks = (notfound)
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_update: smtpd_sasl_exceptions_networks =
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_lookup: smtpd_sasl_tls_security_options = (notfound)
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_eval[1] $smtpd_sasl_security_options
May 24 10:27:20 mailhost postfix/smtpd[16571]: mac_parse: $smtpd_sasl_security_options
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_eval_action: type variable buf smtpd_sasl_security_options context mail_dict "" recursive
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_lookup: smtpd_sasl_security_options = noanonymous
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_update: smtpd_sasl_tls_security_options = noanonymous
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_lookup: smtpd_sasl_auth_enable = yes
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_lookup: broken_sasl_auth_clients = yes
May 24 10:27:20 mailhost postfix/smtpd[16571]: smtpd_sasl_initialize: SASL config file is smtpd.conf
May 24 10:27:20 mailhost postfix/smtpd[16571]: generic_checks: name=permit_sasl_authenticated
May 24 10:27:20 mailhost postfix/smtpd[16571]: generic_checks: name=permit_sasl_authenticated status=0
May 24 10:27:20 mailhost postfix/smtpd[16571]: generic_checks: name=permit_sasl_authenticated
May 24 10:27:20 mailhost postfix/smtpd[16571]: generic_checks: name=permit_sasl_authenticated status=0
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_lookup: smtpd_sender_restrictions = reject_non_fqdn_sender permit_sasl_authenticated reject_unknown_sender_domain reject_unauth_pipelining permit
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_eval[1] reject_non_fqdn_sender permit_sasl_authenticated reject_unknown_sender_domain reject_unauth_pipelining permit
May 24 10:27:20 mailhost postfix/smtpd[16573]: mac_parse: reject_non_fqdn_sender permit_sasl_authenticated reject_unknown_sender_domain reject_unauth_pipelining permit
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_eval_action: type literal buf reject_non_fqdn_sender permit_sasl_authenticated reject_unknown_sender_domain reject_unauth_pipelining permit context mail_dict "" recursive
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_eval[1] result reject_non_fqdn_sender permit_sasl_authenticated reject_unknown_sender_domain reject_unauth_pipelining permit
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_lookup: smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, reject_unauth_destination, reject_unlisted_recipient
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_eval[1] permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, reject_unauth_destination, reject_unlisted_recipient
May 24 10:27:20 mailhost postfix/smtpd[16573]: mac_parse: permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, reject_unauth_destination, reject_unlisted_recipient
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_eval_action: type literal buf permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, reject_unauth_destination, reject_unlisted_recipient context mail_dict "reject_non_fqdn_sender permit_sasl_authenticated reject_unknown_sender_domain reject_unauth_pipelining permit" recursive
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_eval[1] result permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, reject_unauth_destination, reject_unlisted_recipient
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_eval[1] result permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, reject_unauth_destination, reject_unlisted_recipient
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_lookup: smtpd_sasl_security_options = noanonymous
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_lookup: smtpd_sasl_application_name = (notfound)
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_update: smtpd_sasl_application_name = smtpd
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_lookup: smtpd_sasl_local_domain = $myhostname
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_lookup: smtpd_sasl_exceptions_networks = (notfound)
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_update: smtpd_sasl_exceptions_networks =
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_lookup: smtpd_sasl_tls_security_options = (notfound)
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_eval[1] $smtpd_sasl_security_options
May 24 10:27:20 mailhost postfix/smtpd[16573]: mac_parse: $smtpd_sasl_security_options
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_eval_action: type variable buf smtpd_sasl_security_options context mail_dict "" recursive
0
 
CME-ITAuthor Commented:
I will be closing this question out.  The decision has been made to work at installing "Pop-before-smtp".  

I appreciate all the help and the knowledge that I got from you guys and as a result I will be splitting up the points.  

Thank-you all.

I'll probably be posting a new question about "Pop-before-smtp" next week.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: C++ 11 Fundamentals

This course will introduce you to C++ 11 and teach you about syntax fundamentals.

  • 27
  • 14
  • 2
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now