CME-IT
asked on
Postfix - How do I set up a relay so that external users who are logged into the server can email outside the domain?
I didn't see any specific area to post Postfix questions so I hope that this is acceptable.
I have recently setup a postfix email server to replace the "old" sendmail server. Everything appears to be working correct except that when a road warrior logs on to the postfix email serve from outside the building, he cannot send email out to anyone outside the company.
When I log on from insdie the firewall, I can send to local email address as well as outside. The road warriors can receive their email and send to people within the company, but not outside (they use to be able to).
I believe that the problem is in the /etc/postfix/main.cf file. There is an area in the file for relayhost. I believe that it can be configured so that if a person from the outside can log on to the server and receive his email, he will be authorized to relay his email.
Could someone tell me specifically what I need to do?
Tomorrow morning I need to get to work early and hopefully with your help, I'll be able to have this working before people show up.
Thank-you in advance.
I have recently setup a postfix email server to replace the "old" sendmail server. Everything appears to be working correct except that when a road warrior logs on to the postfix email serve from outside the building, he cannot send email out to anyone outside the company.
When I log on from insdie the firewall, I can send to local email address as well as outside. The road warriors can receive their email and send to people within the company, but not outside (they use to be able to).
I believe that the problem is in the /etc/postfix/main.cf file. There is an area in the file for relayhost. I believe that it can be configured so that if a person from the outside can log on to the server and receive his email, he will be authorized to relay his email.
Could someone tell me specifically what I need to do?
Tomorrow morning I need to get to work early and hopefully with your help, I'll be able to have this working before people show up.
Thank-you in advance.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I made all the changes that fajar79 suggested. Everything is working as before, however the road warriors still cannot send emails.
make sure your "road warriors" have set their mail client to send their username and password along with their smtp request. I've yet to come across a mail client that does not have this option available.
you need to make postfix aware of the cyrus-sasl as well.
Look at this previous question.
https://www.experts-exchange.com/questions/21798494/Linux-email-problem.html
Look at this previous question.
https://www.experts-exchange.com/questions/21798494/Linux-email-problem.html
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
At / while logged in as root on the mail server, I typed in ehlo and I got an error message:
command not found
I did make a change to the main.cf file. I added the bosses home ip address to the mynetworks = line.
The boss can now email out, but I don't like this solution. I still want to work on using SASL_AUTHMECH
I have created a directory /etc/postfix/sasl
I have created a file smtpd.conf Does this file go in /etc/postfix or /etc/postfix/sasl ?
I have edit the /etc/sysconfig/saslauthd file to include SASL_AUTHMECH="shadow"
Once I know that I have place the smtpd.conf file in the right place, should I restart the postfix service or is there something else that I need to do?
Thank-you
command not found
I did make a change to the main.cf file. I added the bosses home ip address to the mynetworks = line.
The boss can now email out, but I don't like this solution. I still want to work on using SASL_AUTHMECH
I have created a directory /etc/postfix/sasl
I have created a file smtpd.conf Does this file go in /etc/postfix or /etc/postfix/sasl ?
I have edit the /etc/sysconfig/saslauthd file to include SASL_AUTHMECH="shadow"
Once I know that I have place the smtpd.conf file in the right place, should I restart the postfix service or is there something else that I need to do?
Thank-you
goes in /etc/postfix/sasl/
restart postfix and saslauthd, then you should be good
also, ehlo is a smtp command
from the command line type:
telnet <ip of server> 25
then you will be presented with your mail server banner, that is when you issue the ehlo command
restart postfix and saslauthd, then you should be good
also, ehlo is a smtp command
from the command line type:
telnet <ip of server> 25
then you will be presented with your mail server banner, that is when you issue the ehlo command
ASKER
I restarted postfix and saslauthd but I still have the same problem. Is it possible that I do not have something set correctly in main.cf?
please post your main.cf and /etc/sysconfig/saslauthd and /etc/postfix/sasl/smtpd.co nf
ASKER
First I want to thank all of you for your help. I can't say that enough.
Here are the files, I stripped out the comments, hopefully I didn't strip out something else.
# main.cf
command_directory = /usr/sbin
#
daemon_directory = /usr/libexec/postfix
#
myorigin = $mydomain
mydestination = mailhost.company.com $myhostname localhost.$mydomain $mydomain
#
local_recipient_maps = unix:passwd.byname $alias_maps
#
unknown_local_recipient_re ject_code = 550
mynetworks = 71.x.x.x, 127.0.0.0/8
#
relay_domains = $mydestination
alias_maps = hash:/etc/aliases
mail_spool_directory = /var/spool/mail
#
debug_peer_level = 2
debugger_command =
PATH=/bin:/usr/bin:/usr/lo cal/bin:/u sr/X11R6/b in
xxgdb $daemon_directory/$process _name $process_id & sleep 5
#
sendmail_path = /usr/sbin/sendmail.postfix
#
newaliases_path = /usr/bin/newaliases.postfi x
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
#
html_directory = no
manpage_directory = /usr/share/man
#
sample_directory = /usr/share/doc/postfix-2.1 .5/samples
readme_directory = /usr/share/doc/postfix-2.1 .5/README_ FILES
smtpd_sender_restrictions = reject_non_fqdn_sender permit_sasl_authenticated reject_unknown_sender_doma in reject_unauth_pipelining permit
smtpd_recipient_restrictio ns = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_non_fqdn_sender, reject_unknown_sender_doma in, reject_unknown_recipient_d omain, reject_unauth_pipelining, reject_unauth_destination, reject_unlisted_recipient
smtpd_sasl_local_domain =
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_option s = noanonymous
broken_sasl_auth_clients = yes
message_size_limit = 20971520
mailbox_size_limit = 104857600
delay_notice_recipient = bwilson@custom-mfg-eng.com
bounce_notice_recipient = bwilson@custom-mfg-eng.com
2bounce_notice_recipient = bwilson@custom-mfg-eng.com
error_notice_recipient = bwilson@custom-mfg-eng.com
*********** /etc/sysconfg/saslauthd
SOCKETDIR=/var/run/saslaut hd
MECH=pam
FLAGS=
SASL_AUTHMECH="shadow"
*********** /etc/postfix/sasl/smtpd.co nf file
mech_list: plain login
pwcheck_method: saslauthd
log_level: 3
Here are the files, I stripped out the comments, hopefully I didn't strip out something else.
# main.cf
command_directory = /usr/sbin
#
daemon_directory = /usr/libexec/postfix
#
myorigin = $mydomain
mydestination = mailhost.company.com $myhostname localhost.$mydomain $mydomain
#
local_recipient_maps = unix:passwd.byname $alias_maps
#
unknown_local_recipient_re
mynetworks = 71.x.x.x, 127.0.0.0/8
#
relay_domains = $mydestination
alias_maps = hash:/etc/aliases
mail_spool_directory = /var/spool/mail
#
debug_peer_level = 2
debugger_command =
PATH=/bin:/usr/bin:/usr/lo
xxgdb $daemon_directory/$process
#
sendmail_path = /usr/sbin/sendmail.postfix
#
newaliases_path = /usr/bin/newaliases.postfi
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
#
html_directory = no
manpage_directory = /usr/share/man
#
sample_directory = /usr/share/doc/postfix-2.1
readme_directory = /usr/share/doc/postfix-2.1
smtpd_sender_restrictions = reject_non_fqdn_sender permit_sasl_authenticated reject_unknown_sender_doma
smtpd_recipient_restrictio
smtpd_sasl_local_domain =
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_option
broken_sasl_auth_clients = yes
message_size_limit = 20971520
mailbox_size_limit = 104857600
delay_notice_recipient = bwilson@custom-mfg-eng.com
bounce_notice_recipient = bwilson@custom-mfg-eng.com
2bounce_notice_recipient = bwilson@custom-mfg-eng.com
error_notice_recipient = bwilson@custom-mfg-eng.com
*********** /etc/sysconfg/saslauthd
SOCKETDIR=/var/run/saslaut
MECH=pam
FLAGS=
SASL_AUTHMECH="shadow"
*********** /etc/postfix/sasl/smtpd.co
mech_list: plain login
pwcheck_method: saslauthd
log_level: 3
main.cf - add the following
----------------------
smtpd_sasl_path = /etc/postfix/sasl
/etc/sysconfig/saslauthd - make contents the following
-------------------------- -----
SASL_AUTHMECH="shadow"
SASL_MECH_OPTIONS=
SASLAUTHD_OPTS=
make sure that the sasl directory and the smtpd.conf are owned by postfix.
also, do you run postfix chroot'd
basically post the contents of /etc/init.d/saslauthd so that we know that postfix has its own hardlink copy of the mux= socket file to saslauthd for authentication.
----------------------
smtpd_sasl_path = /etc/postfix/sasl
/etc/sysconfig/saslauthd - make contents the following
--------------------------
SASL_AUTHMECH="shadow"
SASL_MECH_OPTIONS=
SASLAUTHD_OPTS=
make sure that the sasl directory and the smtpd.conf are owned by postfix.
also, do you run postfix chroot'd
basically post the contents of /etc/init.d/saslauthd so that we know that postfix has its own hardlink copy of the mux= socket file to saslauthd for authentication.
ASKER
Both the sasl directory and the smtpd.conf are now owned by postfix
I do not understand <do you run postfix chroot'd>
here is the /etc/init.d/saslauthd file.
#! /bin/bash
#
# saslauthd Start/Stop the SASL authentication daemon.
#
# chkconfig: - 95 05
# description: saslauthd is a server process which handles plaintext \
# authentication requests on behalf of the cyrus-sasl library.
# processname: saslauthd
# Source function library.
. /etc/init.d/functions
# Source our configuration file for these variables.
SOCKETDIR=/var/run/saslaut hd
MECH=shadow
FLAGS=
if [ -f /etc/sysconfig/saslauthd ] ; then
. /etc/sysconfig/saslauthd
fi
RETVAL=0
# Set up some common variables before we launch into what might be
# considered boilerplate by now.
prog=saslauthd
path=/usr/sbin/saslauthd
# Ugh. Switch to a specific copy of saslauthd if there's one with $MECH
# in its name, in case it wasn't included in the base cyrus-sasl package
# because it would have dragged in too many undesirable dependencies.
if test -x ${path}.${MECH} ; then
path=/usr/sbin/saslauthd.$ MECH
fi
start() {
echo -n $"Starting $prog: "
daemon $path -m $SOCKETDIR -a $MECH $FLAGS
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/$prog
return $RETVAL
}
stop() {
echo -n $"Stopping $prog: "
killproc $path
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/$prog
return $RETVAL
}
restart() {
stop
start
}
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
restart
;;
status)
status $path
;;
condrestart)
[ -f /var/lock/subsys/$prog ] && restart || :
;;
*)
echo $"Usage: $0 {start|stop|status|reload| restart|co ndrestart} "
exit 1
esac
exit $?
I do not understand <do you run postfix chroot'd>
here is the /etc/init.d/saslauthd file.
#! /bin/bash
#
# saslauthd Start/Stop the SASL authentication daemon.
#
# chkconfig: - 95 05
# description: saslauthd is a server process which handles plaintext \
# authentication requests on behalf of the cyrus-sasl library.
# processname: saslauthd
# Source function library.
. /etc/init.d/functions
# Source our configuration file for these variables.
SOCKETDIR=/var/run/saslaut
MECH=shadow
FLAGS=
if [ -f /etc/sysconfig/saslauthd ] ; then
. /etc/sysconfig/saslauthd
fi
RETVAL=0
# Set up some common variables before we launch into what might be
# considered boilerplate by now.
prog=saslauthd
path=/usr/sbin/saslauthd
# Ugh. Switch to a specific copy of saslauthd if there's one with $MECH
# in its name, in case it wasn't included in the base cyrus-sasl package
# because it would have dragged in too many undesirable dependencies.
if test -x ${path}.${MECH} ; then
path=/usr/sbin/saslauthd.$
fi
start() {
echo -n $"Starting $prog: "
daemon $path -m $SOCKETDIR -a $MECH $FLAGS
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/$prog
return $RETVAL
}
stop() {
echo -n $"Stopping $prog: "
killproc $path
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/$prog
return $RETVAL
}
restart() {
stop
start
}
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
restart
;;
status)
status $path
;;
condrestart)
[ -f /var/lock/subsys/$prog ] && restart || :
;;
*)
echo $"Usage: $0 {start|stop|status|reload|
exit 1
esac
exit $?
look in your master.cf, there is a chroot column. this basically means that if you run postfix chroot'd then even if it gets hacked, the hacker can't compromise the rest of your machine, only postfix's chroot jailed environment.
your saslauthd script doesn't create a hardlink. I need to look thru mine and find exactly what it does and then I'll post again.
your saslauthd script doesn't create a hardlink. I need to look thru mine and find exactly what it does and then I'll post again.
ASKER
Here is my master.cf file. I see the chroot column. Do I need to change any of the settings?
Thank-you
#
# ========================== ========== ========== ========== ========== ========
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ========================== ========== ========== ========== ========== ========
smtp inet n - n - - smtpd
smtps inet n - n - - smtpd -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
submission inet n - n - - smtpd -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes -o smtpd_etrn_restrictions=re ject
#628 inet n - n - - qmqpd
pickup fifo n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
#qmgr fifo n - n 300 1 oqmgr
#tlsmgr fifo - - n 300 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - n - - smtp
relay unix - - n - - smtp
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - n - - showq
error unix - - n - - error
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
#
#
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/local/bin/maildr op -d ${recipient}
#
# The Cyrus deliver program has changed incompatibly, multiple times.
#
old-cyrus unix - n n - - pipe
flags=R user=cyrus argv=/usr/lib/cyrus-imapd/ deliver -e -m ${extension} ${user}
cyrus unix - n n - - pipe
user=cyrus argv=/usr/lib/cyrus-imapd/ deliver -e -r ${sender} -m ${extension} ${user}
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmai l -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
Thank-you
#
# ==========================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================
smtp inet n - n - - smtpd
smtps inet n - n - - smtpd -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
submission inet n - n - - smtpd -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes
#628 inet n - n - - qmqpd
pickup fifo n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
#qmgr fifo n - n 300 1 oqmgr
#tlsmgr fifo - - n 300 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - n - - smtp
relay unix - - n - - smtp
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - n - - showq
error unix - - n - - error
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
#
#
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/local/bin/maildr
#
# The Cyrus deliver program has changed incompatibly, multiple times.
#
old-cyrus unix - n n - - pipe
flags=R user=cyrus argv=/usr/lib/cyrus-imapd/
cyrus unix - n n - - pipe
user=cyrus argv=/usr/lib/cyrus-imapd/
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmai
bsmtp unix - n n - - pipe
flags=Fq. user=foo argv=/usr/local/sbin/bsmtp
nope
ok, lets try to see if it is actually working. restart postfix and saslauthd, then try to send.
then look at the logs "/var/log/mail/info"
do
tail -10000 /var/log/mail/info | grep sasl
that should produce a line with the username you tried to authenticate as and some other sasl info
ok, lets try to see if it is actually working. restart postfix and saslauthd, then try to send.
then look at the logs "/var/log/mail/info"
do
tail -10000 /var/log/mail/info | grep sasl
that should produce a line with the username you tried to authenticate as and some other sasl info
ASKER
I am waiting for my tester to try to send a message from outside. In the mean time, I looked for the /var/log/mail/info file.
The only thing in that directory is a file called statistics
The only thing in that directory is a file called statistics
ASKER
My tester tried to send an email and it did not work.
What should I try next?
Thanks
What should I try next?
Thanks
ASKER
My tester is getting a
554 transaction failed
message.
I have been restarting Dovecot, Postfix, and saslauthd
Does it matter what order I restart them in?
554 transaction failed
message.
I have been restarting Dovecot, Postfix, and saslauthd
Does it matter what order I restart them in?
dovecot is just the pop3/imap server so you can disregard that. and no, it doesn't matter, you just need to restart them to ensure that the daemons re-read the configs.
you can also look at /var/log/syslog and modify the previous command to do this
tail -10000 /var/log/syslog | grep postfix | grep sasl
what is the client of your remote test, also you can test it out yourself even though you are on one of the mynetworks because the logs should show the sasl_username line. also change this line in the master.cf
smtp inet n - n - - smtpd
to this
smtp inet n - n - - smtpd -v -v
this will turn on verbose logging and show the smtp communication that is happening. also, look in the /etc/syslog.conf to see where the mail logs are being stored if they even are broken off, there isn't any lines specifically saying mail, then the /var/log/syslog log file contains those logs.
you can also look at /var/log/syslog and modify the previous command to do this
tail -10000 /var/log/syslog | grep postfix | grep sasl
what is the client of your remote test, also you can test it out yourself even though you are on one of the mynetworks because the logs should show the sasl_username line. also change this line in the master.cf
smtp inet n - n - - smtpd
to this
smtp inet n - n - - smtpd -v -v
this will turn on verbose logging and show the smtp communication that is happening. also, look in the /etc/syslog.conf to see where the mail logs are being stored if they even are broken off, there isn't any lines specifically saying mail, then the /var/log/syslog log file contains those logs.
ASKER
I will make the change to the master.cf file as soon as I post this.
/var/log/maillog output
mailhost postfix/smtpd[4062]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory
mailhost postfix/smtpd[4062]: 3ACC93F9107: client=unknown[192.x.x.x], sasl_method=PLAIN, sasl_username=xxxxxx
(this was one of our users who forgot his password)
/var/log/maillog output
mailhost postfix/smtpd[4062]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory
mailhost postfix/smtpd[4062]: 3ACC93F9107: client=unknown[192.x.x.x],
(this was one of our users who forgot his password)
ASKER
I made the change to master.cf
Do I need to restart it? (How?) :(
Do I need to restart it? (How?) :(
/etc/init.d/postfix restart
before you do though, i think postfix is grabbing its sasl parameters from a different file than we want it to. you did put
smtpd_sasl_path = /etc/postfix/sasl
into the main.cf, correct?
before you do though, i think postfix is grabbing its sasl parameters from a different file than we want it to. you did put
smtpd_sasl_path = /etc/postfix/sasl
into the main.cf, correct?
ASKER
let me check
ASKER
I double checked and it is in the correct
what are the results of this:
find / -name smtpd.conf
find / -name smtpd.conf
ASKER
/etc/postfix/sasl/smtpd.co nf
/var/ftp/pub/smtpd.conf
/usr/lib/sasl2/smtpd.conf
/usr/lib/sasl/smtpd.conf
/var/ftp/pub/smtpd.conf
/usr/lib/sasl2/smtpd.conf
/usr/lib/sasl/smtpd.conf
ASKER
the /etc/postfix/sasl/smtpd.co nf file has the changes that you recommended
The two /usr files are different.
the /var/ftp is a copy of the /etc/postfix file
The two /usr files are different.
the /var/ftp is a copy of the /etc/postfix file
ASKER
modified the two /usr files so that they are the same as /etc/postfix/sasl/smtpd.co nf
I will be restarting postfix and running another test
I will be restarting postfix and running another test
ASKER
I ran the test and I got the same error message
what do the logs say....and to go back to an earlier post, you did configure the client to say that your server requires authentication, right? what client are you using again
ASKER
pop-before-smtp has been suggested to me. Do any of you experts have any experiece with it?
Thank-you
Change
smtpd_sasl_local_domain =
to
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_local_domain =
to
smtpd_sasl_local_domain = $myhostname
ASKER
I made the change and restarted postfix. I will repost after I test
ASKER
no change
can I see some output from the logs, also, your positive that the client is configured right, correct?
ASKER
Here is the result of the maillog The last entry is one of our people who apparently entered the wrong password.
May 24 09:02:31 mailhost postfix/smtpd[13808]: generic_checks: name=permit_sasl_authentic ated
May 24 09:02:31 mailhost postfix/smtpd[13808]: generic_checks: name=permit_sasl_authentic ated status=0
May 24 09:02:31 mailhost postfix/smtpd[13808]: generic_checks: name=permit_sasl_authentic ated
May 24 09:02:31 mailhost postfix/smtpd[13808]: generic_checks: name=permit_sasl_authentic ated status=0
May 24 09:02:38 mailhost postfix/smtpd[13886]: smtpd_sasl_authenticate: sasl_method PLAIN, init_response AHJicnVubwBwYXNzd29yZA==
May 24 09:02:38 mailhost postfix/smtpd[13886]: smtpd_sasl_authenticate: decoded initial response
May 24 09:02:38 mailhost postfix/smtpd[13886]: generic_checks: name=permit_sasl_authentic ated
May 24 09:02:38 mailhost postfix/smtpd[13886]: generic_checks: name=permit_sasl_authentic ated status=1
May 24 09:02:38 mailhost postfix/smtpd[13886]: generic_checks: name=permit_sasl_authentic ated
May 24 09:02:38 mailhost postfix/smtpd[13886]: generic_checks: name=permit_sasl_authentic ated status=1
May 24 09:02:38 mailhost postfix/smtpd[13886]: D27133F9115: client=unknown[192.x.x.x], sasl_method=PLAIN, sasl_username=name@mailhos t.company. com
May 24 09:02:31 mailhost postfix/smtpd[13808]: generic_checks: name=permit_sasl_authentic
May 24 09:02:31 mailhost postfix/smtpd[13808]: generic_checks: name=permit_sasl_authentic
May 24 09:02:31 mailhost postfix/smtpd[13808]: generic_checks: name=permit_sasl_authentic
May 24 09:02:31 mailhost postfix/smtpd[13808]: generic_checks: name=permit_sasl_authentic
May 24 09:02:38 mailhost postfix/smtpd[13886]: smtpd_sasl_authenticate: sasl_method PLAIN, init_response AHJicnVubwBwYXNzd29yZA==
May 24 09:02:38 mailhost postfix/smtpd[13886]: smtpd_sasl_authenticate: decoded initial response
May 24 09:02:38 mailhost postfix/smtpd[13886]: generic_checks: name=permit_sasl_authentic
May 24 09:02:38 mailhost postfix/smtpd[13886]: generic_checks: name=permit_sasl_authentic
May 24 09:02:38 mailhost postfix/smtpd[13886]: generic_checks: name=permit_sasl_authentic
May 24 09:02:38 mailhost postfix/smtpd[13886]: generic_checks: name=permit_sasl_authentic
May 24 09:02:38 mailhost postfix/smtpd[13886]: D27133F9115: client=unknown[192.x.x.x],
ASKER
Today we used a different client that we did yesterday. The client can logon to the mailserver and download their mail as well as send email to people internally. Several diffenent people have mentioned that they cannot send emails out, but no one has mentioned that they cannot receive their emails from outside. There have been no complaints about anything internally.
ASKER
The client who was testing yesterday was able to relay emails when we added his ip to the file. We did that as a test. Afterwards we removed that ip. We are going thru a firewall, but once again, when a specific ip was added, emails could be relayed.
ASKER
in main.cf we had added a specific ip and that did work for that one person. I noticed that the ip is still there. could that be causing problems? the line is listed below with the ip number replaced with x
mynetworks = 71.x.x.x, 127.0.0.0/8
can we get a little more of the logs, for mine a session looks like this
May 24 09:48:58 mail postfix/smtpd[3179]: dict_lookup: smtpd_recipient_restrictio ns = permit_mynetworks permit_sasl_authenticated reject_unauth_destination check_helo_access pcre:/etc/postfix/helo_che cks
May 24 09:48:58 mail postfix/smtpd[3179]: mac_parse: permit_mynetworks permit_sasl_authenticated reject_unauth_destination check_helo_access pcre:/etc/postfix/helo_che cks
May 24 09:48:58 mail postfix/smtpd[3179]: dict_eval: const permit_mynetworks permit_sasl_authenticated reject_unauth_destination check_helo_access pcre:/etc/postfix/helo_che cks
May 24 09:48:58 mail postfix/smtpd[3179]: dict_lookup: smtpd_sasl_security_option s = noanonymous
May 24 09:48:58 mail postfix/smtpd[3179]: dict_lookup: smtpd_sasl_application_nam e = (notfound)
May 24 09:48:58 mail postfix/smtpd[3179]: dict_update: smtpd_sasl_application_nam e = smtpd
May 24 09:48:58 mail postfix/smtpd[3179]: dict_lookup: smtpd_sasl_path = /etc/postfix/sasl:/usr/lib /sasl2
May 24 09:48:58 mail postfix/smtpd[3179]: mac_parse: /etc/postfix/sasl:/usr/lib /sasl2
May 24 09:48:58 mail postfix/smtpd[3179]: dict_eval: const /etc/postfix/sasl:/usr/lib /sasl2
May 24 09:48:58 mail postfix/smtpd[3179]: dict_lookup: smtpd_sasl_local_domain = mail.satolabeling.com
May 24 09:48:58 mail postfix/smtpd[3179]: dict_lookup: smtpd_sasl_exceptions_netw orks = (notfound)
May 24 09:48:58 mail postfix/smtpd[3179]: dict_update: smtpd_sasl_exceptions_netw orks =
May 24 09:48:58 mail postfix/smtpd[3179]: dict_lookup: smtpd_sasl_tls_security_op tions = (notfound)
May 24 09:48:58 mail postfix/smtpd[3179]: mac_parse: $smtpd_sasl_security_optio ns
May 24 09:48:58 mail postfix/smtpd[3179]: dict_lookup: smtpd_sasl_security_option s = noanonymous
May 24 09:48:58 mail postfix/smtpd[3179]: dict_eval: expand $smtpd_sasl_security_optio ns -> noanonymous
May 24 09:48:58 mail postfix/smtpd[3179]: dict_update: smtpd_sasl_tls_security_op tions = noanonymous
May 24 09:48:58 mail postfix/smtpd[3179]: dict_lookup: smtpd_sasl_auth_enable = yes
May 24 09:48:58 mail postfix/smtpd[3179]: dict_lookup: smtpd_sasl_authenticated_h eader = (notfound)
May 24 09:48:58 mail postfix/smtpd[3179]: dict_update: smtpd_sasl_authenticated_h eader = no
May 24 09:48:58 mail postfix/smtpd[3179]: dict_lookup: broken_sasl_auth_clients = yes
May 24 09:48:58 mail postfix/smtpd[3179]: smtpd_sasl_initialize: SASL config file is smtpd.conf
May 24 09:48:58 mail postfix/smtpd[3179]: SASL verifyfile conf: /etc/postfix/sasl/smtpd.co nf
May 24 09:48:58 mail postfix/smtpd[3179]: SASL verifyfile plugin: /usr/lib/sasl2/libplain.so .2
May 24 09:48:58 mail postfix/smtpd[3179]: SASL verifyfile plugin: /usr/lib/sasl2/libdigestmd 5.so.2
May 24 09:48:58 mail postfix/smtpd[3179]: SASL verifyfile plugin: /usr/lib/sasl2/liblogin.so .2
May 24 09:48:58 mail postfix/smtpd[3179]: SASL verifyfile plugin: /usr/lib/sasl2/libcrammd5. so.2
May 24 09:48:59 mail postfix/smtpd[3179]: generic_checks: name=permit_sasl_authentic ated
May 24 09:48:59 mail postfix/smtpd[3179]: generic_checks: name=permit_sasl_authentic ated status=0
May 24 09:48:59 mail postfix/smtpd[3179]: generic_checks: name=permit_sasl_authentic ated
May 24 09:48:59 mail postfix/smtpd[3179]: generic_checks: name=permit_sasl_authentic ated status=0
May 24 09:49:02 mail postfix/smtpd[3228]: A877ADEE67: client=X.X.X.X, sasl_method=LOGIN, sasl_username=user@mail.ex ample.com
May 24 09:48:58 mail postfix/smtpd[3179]: dict_lookup: smtpd_recipient_restrictio
May 24 09:48:58 mail postfix/smtpd[3179]: mac_parse: permit_mynetworks permit_sasl_authenticated reject_unauth_destination check_helo_access pcre:/etc/postfix/helo_che
May 24 09:48:58 mail postfix/smtpd[3179]: dict_eval: const permit_mynetworks permit_sasl_authenticated reject_unauth_destination check_helo_access pcre:/etc/postfix/helo_che
May 24 09:48:58 mail postfix/smtpd[3179]: dict_lookup: smtpd_sasl_security_option
May 24 09:48:58 mail postfix/smtpd[3179]: dict_lookup: smtpd_sasl_application_nam
May 24 09:48:58 mail postfix/smtpd[3179]: dict_update: smtpd_sasl_application_nam
May 24 09:48:58 mail postfix/smtpd[3179]: dict_lookup: smtpd_sasl_path = /etc/postfix/sasl:/usr/lib
May 24 09:48:58 mail postfix/smtpd[3179]: mac_parse: /etc/postfix/sasl:/usr/lib
May 24 09:48:58 mail postfix/smtpd[3179]: dict_eval: const /etc/postfix/sasl:/usr/lib
May 24 09:48:58 mail postfix/smtpd[3179]: dict_lookup: smtpd_sasl_local_domain = mail.satolabeling.com
May 24 09:48:58 mail postfix/smtpd[3179]: dict_lookup: smtpd_sasl_exceptions_netw
May 24 09:48:58 mail postfix/smtpd[3179]: dict_update: smtpd_sasl_exceptions_netw
May 24 09:48:58 mail postfix/smtpd[3179]: dict_lookup: smtpd_sasl_tls_security_op
May 24 09:48:58 mail postfix/smtpd[3179]: mac_parse: $smtpd_sasl_security_optio
May 24 09:48:58 mail postfix/smtpd[3179]: dict_lookup: smtpd_sasl_security_option
May 24 09:48:58 mail postfix/smtpd[3179]: dict_eval: expand $smtpd_sasl_security_optio
May 24 09:48:58 mail postfix/smtpd[3179]: dict_update: smtpd_sasl_tls_security_op
May 24 09:48:58 mail postfix/smtpd[3179]: dict_lookup: smtpd_sasl_auth_enable = yes
May 24 09:48:58 mail postfix/smtpd[3179]: dict_lookup: smtpd_sasl_authenticated_h
May 24 09:48:58 mail postfix/smtpd[3179]: dict_update: smtpd_sasl_authenticated_h
May 24 09:48:58 mail postfix/smtpd[3179]: dict_lookup: broken_sasl_auth_clients = yes
May 24 09:48:58 mail postfix/smtpd[3179]: smtpd_sasl_initialize: SASL config file is smtpd.conf
May 24 09:48:58 mail postfix/smtpd[3179]: SASL verifyfile conf: /etc/postfix/sasl/smtpd.co
May 24 09:48:58 mail postfix/smtpd[3179]: SASL verifyfile plugin: /usr/lib/sasl2/libplain.so
May 24 09:48:58 mail postfix/smtpd[3179]: SASL verifyfile plugin: /usr/lib/sasl2/libdigestmd
May 24 09:48:58 mail postfix/smtpd[3179]: SASL verifyfile plugin: /usr/lib/sasl2/liblogin.so
May 24 09:48:58 mail postfix/smtpd[3179]: SASL verifyfile plugin: /usr/lib/sasl2/libcrammd5.
May 24 09:48:59 mail postfix/smtpd[3179]: generic_checks: name=permit_sasl_authentic
May 24 09:48:59 mail postfix/smtpd[3179]: generic_checks: name=permit_sasl_authentic
May 24 09:48:59 mail postfix/smtpd[3179]: generic_checks: name=permit_sasl_authentic
May 24 09:48:59 mail postfix/smtpd[3179]: generic_checks: name=permit_sasl_authentic
May 24 09:49:02 mail postfix/smtpd[3228]: A877ADEE67: client=X.X.X.X, sasl_method=LOGIN, sasl_username=user@mail.ex
ASKER
We are using dovecot. This launches postfix (correct)
What launches saslauthd and should it be set to -a pam (or shadow or what?)
my log doesn't show what you are showing
What launches saslauthd and should it be set to -a pam (or shadow or what?)
my log doesn't show what you are showing
ASKER
does this help?
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_lookup: smtpd_sender_restrictions = reject_non_fqdn_sender permit_sasl_authenticated reject_unknown_sender_doma in reject_unauth_pipelining permit
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_eval[1] reject_non_fqdn_sender permit_sasl_authenticated reject_unknown_sender_doma in reject_unauth_pipelining permit
May 24 10:27:20 mailhost postfix/smtpd[16571]: mac_parse: reject_non_fqdn_sender permit_sasl_authenticated reject_unknown_sender_doma in reject_unauth_pipelining permit
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_eval_action: type literal buf reject_non_fqdn_sender permit_sasl_authenticated reject_unknown_sender_doma in reject_unauth_pipelining permit context mail_dict "" recursive
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_eval[1] result reject_non_fqdn_sender permit_sasl_authenticated reject_unknown_sender_doma in reject_unauth_pipelining permit
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_lookup: smtpd_recipient_restrictio ns = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_non_fqdn_sender, reject_unknown_sender_doma in, reject_unknown_recipient_d omain, reject_unauth_pipelining, reject_unauth_destination, reject_unlisted_recipient
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_eval[1] permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_non_fqdn_sender, reject_unknown_sender_doma in, reject_unknown_recipient_d omain, reject_unauth_pipelining, reject_unauth_destination, reject_unlisted_recipient
May 24 10:27:20 mailhost postfix/smtpd[16571]: mac_parse: permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_non_fqdn_sender, reject_unknown_sender_doma in, reject_unknown_recipient_d omain, reject_unauth_pipelining, reject_unauth_destination, reject_unlisted_recipient
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_eval_action: type literal buf permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_non_fqdn_sender, reject_unknown_sender_doma in, reject_unknown_recipient_d omain, reject_unauth_pipelining, reject_unauth_destination, reject_unlisted_recipient context mail_dict "reject_non_fqdn_sender permit_sasl_authenticated reject_unknown_sender_doma in reject_unauth_pipelining permit" recursive
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_eval[1] result permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_non_fqdn_sender, reject_unknown_sender_doma in, reject_unknown_recipient_d omain, reject_unauth_pipelining, reject_unauth_destination, reject_unlisted_recipient
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_eval[1] result permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_non_fqdn_sender, reject_unknown_sender_doma in, reject_unknown_recipient_d omain, reject_unauth_pipelining, reject_unauth_destination, reject_unlisted_recipient
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_lookup: smtpd_sasl_security_option s = noanonymous
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_lookup: smtpd_sasl_application_nam e = (notfound)
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_update: smtpd_sasl_application_nam e = smtpd
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_lookup: smtpd_sasl_local_domain = $myhostname
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_lookup: smtpd_sasl_exceptions_netw orks = (notfound)
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_update: smtpd_sasl_exceptions_netw orks =
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_lookup: smtpd_sasl_tls_security_op tions = (notfound)
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_eval[1] $smtpd_sasl_security_optio ns
May 24 10:27:20 mailhost postfix/smtpd[16571]: mac_parse: $smtpd_sasl_security_optio ns
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_eval_action: type variable buf smtpd_sasl_security_option s context mail_dict "" recursive
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_lookup: smtpd_sasl_security_option s = noanonymous
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_update: smtpd_sasl_tls_security_op tions = noanonymous
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_lookup: smtpd_sasl_auth_enable = yes
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_lookup: broken_sasl_auth_clients = yes
May 24 10:27:20 mailhost postfix/smtpd[16571]: smtpd_sasl_initialize: SASL config file is smtpd.conf
May 24 10:27:20 mailhost postfix/smtpd[16571]: generic_checks: name=permit_sasl_authentic ated
May 24 10:27:20 mailhost postfix/smtpd[16571]: generic_checks: name=permit_sasl_authentic ated status=0
May 24 10:27:20 mailhost postfix/smtpd[16571]: generic_checks: name=permit_sasl_authentic ated
May 24 10:27:20 mailhost postfix/smtpd[16571]: generic_checks: name=permit_sasl_authentic ated status=0
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_lookup: smtpd_sender_restrictions = reject_non_fqdn_sender permit_sasl_authenticated reject_unknown_sender_doma in reject_unauth_pipelining permit
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_eval[1] reject_non_fqdn_sender permit_sasl_authenticated reject_unknown_sender_doma in reject_unauth_pipelining permit
May 24 10:27:20 mailhost postfix/smtpd[16573]: mac_parse: reject_non_fqdn_sender permit_sasl_authenticated reject_unknown_sender_doma in reject_unauth_pipelining permit
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_eval_action: type literal buf reject_non_fqdn_sender permit_sasl_authenticated reject_unknown_sender_doma in reject_unauth_pipelining permit context mail_dict "" recursive
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_eval[1] result reject_non_fqdn_sender permit_sasl_authenticated reject_unknown_sender_doma in reject_unauth_pipelining permit
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_lookup: smtpd_recipient_restrictio ns = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_non_fqdn_sender, reject_unknown_sender_doma in, reject_unknown_recipient_d omain, reject_unauth_pipelining, reject_unauth_destination, reject_unlisted_recipient
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_eval[1] permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_non_fqdn_sender, reject_unknown_sender_doma in, reject_unknown_recipient_d omain, reject_unauth_pipelining, reject_unauth_destination, reject_unlisted_recipient
May 24 10:27:20 mailhost postfix/smtpd[16573]: mac_parse: permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_non_fqdn_sender, reject_unknown_sender_doma in, reject_unknown_recipient_d omain, reject_unauth_pipelining, reject_unauth_destination, reject_unlisted_recipient
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_eval_action: type literal buf permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_non_fqdn_sender, reject_unknown_sender_doma in, reject_unknown_recipient_d omain, reject_unauth_pipelining, reject_unauth_destination, reject_unlisted_recipient context mail_dict "reject_non_fqdn_sender permit_sasl_authenticated reject_unknown_sender_doma in reject_unauth_pipelining permit" recursive
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_eval[1] result permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_non_fqdn_sender, reject_unknown_sender_doma in, reject_unknown_recipient_d omain, reject_unauth_pipelining, reject_unauth_destination, reject_unlisted_recipient
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_eval[1] result permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_non_fqdn_sender, reject_unknown_sender_doma in, reject_unknown_recipient_d omain, reject_unauth_pipelining, reject_unauth_destination, reject_unlisted_recipient
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_lookup: smtpd_sasl_security_option s = noanonymous
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_lookup: smtpd_sasl_application_nam e = (notfound)
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_update: smtpd_sasl_application_nam e = smtpd
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_lookup: smtpd_sasl_local_domain = $myhostname
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_lookup: smtpd_sasl_exceptions_netw orks = (notfound)
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_update: smtpd_sasl_exceptions_netw orks =
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_lookup: smtpd_sasl_tls_security_op tions = (notfound)
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_eval[1] $smtpd_sasl_security_optio ns
May 24 10:27:20 mailhost postfix/smtpd[16573]: mac_parse: $smtpd_sasl_security_optio ns
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_eval_action: type variable buf smtpd_sasl_security_option s context mail_dict "" recursive
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_lookup: smtpd_sender_restrictions = reject_non_fqdn_sender permit_sasl_authenticated reject_unknown_sender_doma
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_eval[1] reject_non_fqdn_sender permit_sasl_authenticated reject_unknown_sender_doma
May 24 10:27:20 mailhost postfix/smtpd[16571]: mac_parse: reject_non_fqdn_sender permit_sasl_authenticated reject_unknown_sender_doma
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_eval_action: type literal buf reject_non_fqdn_sender permit_sasl_authenticated reject_unknown_sender_doma
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_eval[1] result reject_non_fqdn_sender permit_sasl_authenticated reject_unknown_sender_doma
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_lookup: smtpd_recipient_restrictio
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_eval[1] permit_mynetworks, permit_sasl_authenticated,
May 24 10:27:20 mailhost postfix/smtpd[16571]: mac_parse: permit_mynetworks, permit_sasl_authenticated,
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_eval_action: type literal buf permit_mynetworks, permit_sasl_authenticated,
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_eval[1] result permit_mynetworks, permit_sasl_authenticated,
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_eval[1] result permit_mynetworks, permit_sasl_authenticated,
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_lookup: smtpd_sasl_security_option
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_lookup: smtpd_sasl_application_nam
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_update: smtpd_sasl_application_nam
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_lookup: smtpd_sasl_local_domain = $myhostname
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_lookup: smtpd_sasl_exceptions_netw
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_update: smtpd_sasl_exceptions_netw
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_lookup: smtpd_sasl_tls_security_op
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_eval[1] $smtpd_sasl_security_optio
May 24 10:27:20 mailhost postfix/smtpd[16571]: mac_parse: $smtpd_sasl_security_optio
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_eval_action: type variable buf smtpd_sasl_security_option
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_lookup: smtpd_sasl_security_option
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_update: smtpd_sasl_tls_security_op
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_lookup: smtpd_sasl_auth_enable = yes
May 24 10:27:20 mailhost postfix/smtpd[16571]: dict_lookup: broken_sasl_auth_clients = yes
May 24 10:27:20 mailhost postfix/smtpd[16571]: smtpd_sasl_initialize: SASL config file is smtpd.conf
May 24 10:27:20 mailhost postfix/smtpd[16571]: generic_checks: name=permit_sasl_authentic
May 24 10:27:20 mailhost postfix/smtpd[16571]: generic_checks: name=permit_sasl_authentic
May 24 10:27:20 mailhost postfix/smtpd[16571]: generic_checks: name=permit_sasl_authentic
May 24 10:27:20 mailhost postfix/smtpd[16571]: generic_checks: name=permit_sasl_authentic
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_lookup: smtpd_sender_restrictions = reject_non_fqdn_sender permit_sasl_authenticated reject_unknown_sender_doma
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_eval[1] reject_non_fqdn_sender permit_sasl_authenticated reject_unknown_sender_doma
May 24 10:27:20 mailhost postfix/smtpd[16573]: mac_parse: reject_non_fqdn_sender permit_sasl_authenticated reject_unknown_sender_doma
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_eval_action: type literal buf reject_non_fqdn_sender permit_sasl_authenticated reject_unknown_sender_doma
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_eval[1] result reject_non_fqdn_sender permit_sasl_authenticated reject_unknown_sender_doma
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_lookup: smtpd_recipient_restrictio
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_eval[1] permit_mynetworks, permit_sasl_authenticated,
May 24 10:27:20 mailhost postfix/smtpd[16573]: mac_parse: permit_mynetworks, permit_sasl_authenticated,
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_eval_action: type literal buf permit_mynetworks, permit_sasl_authenticated,
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_eval[1] result permit_mynetworks, permit_sasl_authenticated,
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_eval[1] result permit_mynetworks, permit_sasl_authenticated,
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_lookup: smtpd_sasl_security_option
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_lookup: smtpd_sasl_application_nam
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_update: smtpd_sasl_application_nam
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_lookup: smtpd_sasl_local_domain = $myhostname
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_lookup: smtpd_sasl_exceptions_netw
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_update: smtpd_sasl_exceptions_netw
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_lookup: smtpd_sasl_tls_security_op
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_eval[1] $smtpd_sasl_security_optio
May 24 10:27:20 mailhost postfix/smtpd[16573]: mac_parse: $smtpd_sasl_security_optio
May 24 10:27:20 mailhost postfix/smtpd[16573]: dict_eval_action: type variable buf smtpd_sasl_security_option
ASKER
I will be closing this question out. The decision has been made to work at installing "Pop-before-smtp".
I appreciate all the help and the knowledge that I got from you guys and as a result I will be splitting up the points.
Thank-you all.
I'll probably be posting a new question about "Pop-before-smtp" next week.
I appreciate all the help and the knowledge that I got from you guys and as a result I will be splitting up the points.
Thank-you all.
I'll probably be posting a new question about "Pop-before-smtp" next week.
smtpd_sender_restrictions = reject_non_fqdn_sender permit_sasl_authenticated reject_unknown_sender_doma
smtpd_recipient_restrictio
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_security_option
smtpd_sasl_local_domain =
but firstly you need to install make sure your postfix support SASL and after that you'll need to install cyrus-sasl package.