SASL isn't used when sending to local (virtual) domains
This is a discussion on SASL isn't used when sending to local (virtual) domains within the alt.comp.mail.postfix forums, part of the Mail Servers and Related category; Hi, i'm trying to configure my very first Postfix server. Everything is working nice, with one exception - everyone can ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
11-14-2005
|
|||
|
|||
SASL isn't used when sending to local (virtual) domains
Hi,
i'm trying to configure my very first Postfix server. Everything is working nice, with one exception - everyone can send messages using my SMTP server without SASL authentication. Eg. when i use SMTP server mail.domain.cz i can send message to someone@domain.cz. Of course, relaying out is denied. Some (important) lines from my main.cf: smtpd_sasl_auth_enable = yes broken_sasl_auth_clients = yes smtpd_helo_required = yes smtpd_helo_restrictions = permit_sasl_authenticated permit_mynetworks reject_invalid_hostname reject_non_fqdn_hostname reject_unauth_pipelining smtpd_sender_login_maps = mysql:/etc/postfix/mysql-virtual-sender-login-map.cf smtpd_sender_restrictions = permit_sasl_authenticated permit_mynetworks reject_unknown_sender_domain reject_non_fqdn_sender reject_unauth_pipelining smtpd_recipient_restrictions = permit_sasl_authenticated permit_mynetworks reject_unauth_destination reject_non_fqdn_recipient reject_unknown_recipient_domain Adding reject_sender_login_mismatch to smtpd_sender_restrictions solved this problem, but caused another one: Local users were unable to send messages to own domains through other SMTP server, because they were known in smtpd_sender_login_maps, but they weren't logged in (as they don't have where to log in). S i would really appreciate any advise about one of those things :-) Thanks a lot 
|
|
11-28-2005
|
|||
|
|||
|
Re: SASL isn't used when sending to local (virtual) domains
Perhaps add the word "reject" to the very end of your restrictions list. -- Greg Ladislav Durchánek wrote: > Hi, > i'm trying to configure my very first Postfix server. > Everything is working nice, with one exception - everyone can send messages > using my SMTP server without SASL authentication. Eg. when i use SMTP server > mail.domain.cz i can send message to someone@domain.cz. Of course, relaying > out is denied. > Some (important) lines from my main.cf: > > smtpd_sasl_auth_enable = yes > broken_sasl_auth_clients = yes > > smtpd_helo_required = yes > smtpd_helo_restrictions = > permit_sasl_authenticated > permit_mynetworks > reject_invalid_hostname > reject_non_fqdn_hostname > reject_unauth_pipelining > > smtpd_sender_login_maps = > mysql:/etc/postfix/mysql-virtual-sender-login-map.cf > smtpd_sender_restrictions = > permit_sasl_authenticated > permit_mynetworks > reject_unknown_sender_domain > reject_non_fqdn_sender > reject_unauth_pipelining > > smtpd_recipient_restrictions = > permit_sasl_authenticated > permit_mynetworks > reject_unauth_destination > reject_non_fqdn_recipient > reject_unknown_recipient_domain > > Adding reject_sender_login_mismatch to smtpd_sender_restrictions solvedthis > problem, but caused another one: Local users were unable to send messages to > own domains through other SMTP server, because they were known in > smtpd_sender_login_maps, but they weren't logged in (as they don't have > where to log in). > > S i would really appreciate any advise about one of those things :-) > > Thanks a lot > >
|
 |
«
Previous Thread
|
Next Thread
»
| Thread Tools | |
| Display Modes | |
Linear Mode
|
|
All times are GMT +1. The time now is 11:27 AM.
