NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Postfix Discussion> 2008-02

greets & howto local smtp + remote sasl smtp

From: Dan Farrell (danspore.ath.cx)
Date: Fri Feb 01 2008 - 13:27:20 CST

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

hi list,

I have been using postfix for about a year now to host my own mail, and
have never been able to configure remote SASL SMTP authentication on my
mail server. My desired configuration would

1 allow any mail sent from local networks through
2 allow any mail sent from an authorized smtp connection through
3 allow any mail sent to a destination or relay domain through
4 reject all other mail (of course!)

right now I have all but #2. I can send mail from local hosts just
fine, but I cannot send mail from remote locations.

My hope is that someone on the list could kindly point me in the right
direction.

Thanks in advance for any assistance,

Dan Farrell

I have in my main.cf (complete file attached, sans comments):

smtpd_sasl_auth_enable = yes
smtpd_sasl_path = smtpd
broken_sasl_auth_clients = yes
smtpd_client_restrictions =
permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtpd_sender_restrictions =
permit_mynetworks,permit_sasl_authenticated,reject_unknown_address,permit

however, although authentication succeeds from remote hosts, I still
cannot seem to send mail to any but local recipients from remote
hosts. A telnet transcript from within and without follows:

within:
=================
danpascal ~ $ telnet spore.ath.cx 25
Trying 192.168.1.87...
Connected to spore.ath.cx.
Escape character is '^]'.
220 spore.ath.cx ESMTP Postfix (2.4.5)
ehlo pascal
250-spore.ath.cx
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from: danspore.ath.cx
250 2.1.0 Ok
rcpt to: danfbluebottle.com
250 2.1.5 Ok
quit
Connection closed by foreign host.

And without:
==========================

danhilbert:~$ telnet 66.191.143.114 26
Trying 66.191.143.114...
Connected to 66.191.143.114.
Escape character is '^]'.
220 spore.ath.cx ESMTP Postfix (2.4.5)
EHLO hilbert.merseine.nu
250-spore.ath.cx
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
AUTH PLAIN ***************= (obfuscated for security)
235 2.0.0 Authentication successful
MAIL FROM: danspore.ath.cx
250 2.1.0 Ok
RCPT TO: danfbluebottle.com
554 5.7.1 <danfbluebottle.com>: Relay access denied

application/octet-stream attachment: main.cf

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]