> > > I actually don't have a mynetworks statement in main.cf at all and I > > > send from squirrelmail all over the place. > > > > > > I won't be able to specify a single IP for my laptop. Can I allow > > > authenticated users to send? > > > > You connect to squirrelmail from many different IPs via HTTP, but > > squirrelmain only calls SMTP from the localhost IP, 127.0.0.1. So add > > the default mynetworks back in if you want Squirrelmail to be able to > > send at all. And quit trying out poorly thought out security tricks in > > Postfix if you don't know what you're doing. > > I haven't removed the mynetworks statement. It was never there. > Could it be somewhere other than main.cf and master.cf? Maybe > 127.0.0.1 is the default. I can send from squirrelmail just fine as > always. Admittedly "all over the place" was a bad choice of words. > > > Once that is fixed you can start looking at why you can't authenticate. > > I'm going to guess that you haven't bothered to setup smtp > > authentication via sasl yet. > > I didn't realize I wasn't authenticating. I'm working on sasl now.
Got it! Thanks a lot for everyone's help. I'm running courier-imapd-ssl, postfix, and saslauthd. With the following config everything should be encrypted between my laptop and the server: /etc/postfix/main.cf: [snip] smtpd_sasl_auth_enable = yes smtpd_sasl2_auth_enable = yes smtpd_sasl_security_options = noanonymous smtpd_sasl_local_domain = smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, check_policy_service inet:127.0.0.1:10030 reject_unauth_destination, permit virtual_alias_maps = hash:/etc/postfix/virtual message_size_limit = 20480000 smtpd_tls_security_level = may smtpd_tls_auth_only = yes smtpd_tls_key_file = /etc/ssl/postfix/server.key smtpd_tls_cert_file = /etc/ssl/postfix/server.crt smtpd_tls_CAfile = /etc/ssl/postfix/server.pem smtpd_tls_session_cache_timeout = 3600s tls_random_source = dev:/dev/urandom /etc/postfix/master.cf: smtp inet n - n - - smtpd smtps inet n - n - - smtpd -o smtpd_tls_wrappermode=yes /etc/sasl2/smtpd.conf: mech_list: PLAIN LOGIN pwcheck_method:saslauthd - Grant -- gentoo-user@lists.gentoo.org mailing list