Postfix SMTP Authentication Problem

I've "inherited" the management of a Gentoo Postfix email server and I'm having the following problem...

All new users who are added are not able to send mail when they are connected outside of the office.  Internally, they can send, but externally (or using their Iphones, etc.) they cannot.

If I use a previous users credentials (username/password) for the SMTP server, everything works fine, but I'm unable to use the new Usernames/Passwords for sending.

I'm new to the Linux world so ANY help would be greatly appreciated.

Here is my file:
smtpd_banner = $myhostname ESMTP $mail_name
biff = no
append_dot_mydomain = no
myhostname =
alias_maps = hash:/etc/mail/aliases
alias_database = hash:/etc/mail/aliases
myorigin =
mydestination = mail,,, localhost
relayhost =
mynetworks =,
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
message_size_limit = 307200000
mailbox_command = /usr/bin/maildrop
home_mailbox = Maildir/
minimal_backoff_time = 500s
queue_run_delay = 500s
smtpd_delay_reject = yes
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_sasl_authenticated, permit_mynetworks, check_helo_access hash:/etc/postfix/helo_access, permit
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_non_fqdn_recipient,  reject_unauth_destination, check_policy_service inet:
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
broken_sasl_auth_clients = yes

Open in new window

Who is Participating?
bevhostConnect With a Mentor Commented:
I depends on how your sasl smtp auth is configured, but the most likely scenario is that smtp auth credentials are being stored in a sasl database and have top added separately.

SASLPASSWD2(8)                                                  SASLPASSWD2(8)

       saslpasswd2 - set a user’s sasl password

       saslpasswd2 [-p] [-d] [-c] [-n] [-f file] [-u domain] [-a appname] [-v] userid

       saslpasswd2 is used by a server administrator to set a user’s sasl password for server programs and SASL mechanisms which use the standard libsasl database of user secrets.

       -p     Pipe mode - saslpasswd2 will neither prompt for the password nor verify that it was entered correctly.  This is the default when standard input is not a terminal.

       -c     Creates an entry for the user if the user doesn’t already exist.  This is mutually exclusive with the -d (delete user) flag.

       -d     Deletes the entry for the user.  This is mutually exclusive with the -c (create user) flag.

       -n     Don’t set the plaintext userPassword property for the user.  Only mechanism-specific secrets will be set (e.g. OTP, SRP)

       -u domain
              use domain for user domain (realm).

       -f file
              use file for sasldb

       -a appname
              use appname as application name.

       -v     Print libsasl2 version number and exit.


       rfc2222 - Simple Authentication and Security Layer (SASL)

CMU SASL                          Mar 7, 2005                   SASLPASSWD2(8)

Open in new window

gcosgroveAuthor Commented:
Thanks!  That's what I needed.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.