(forgot to send to list)
Hi Matthias,
Here a litte bit of code snipplets how I configured dovecot
authentication via relay domains. No user-handling in postfix exept
relay domains and virtual alias map, user-handling over dovecot SASL/LMTP.
This is no complete configuration, no warranty that this works for you!
Greetings, Jan
------------------------------------------------------------
# /etc/dovecot/conf.d/10-master.conf
#
service auth {
unix_listener auth-userdb {
mode = 0600
user = dovemail
group = dovemail
}
unix_listener /var/spool/postfix/private/auth {
mode = 0660
# Assuming the default Postfix user and group
user = postfix
group = postfix
}
### Also possible:
# inet_listener {
# port = 12345
# }
}
service lmtp {
unix_listener /var/spool/postfix/private/dovecot-lmtp {
mode = 0660
user = postfix
group = postfix
}
### Also possible:
# inet_listener lmtp {
# address = 192.168.0.123 127.0.0.1 ::1
# port = 24
# }
}
------------------------------------------------------------
# /etc/postfix/lmtp_domains
yourdomain.invalid lmtp:unix:private/dovecot-lmtp
------------------------------------------------------------
# /etc/postfix/main.cf
transport_maps = btree:/etc/postfix/lmtp_domains,[...]
relay_domains = btree:/etc/postfix/lmtp_domains,[...]
unverified_recipient_reject_code = 577
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_recipient_restrictions =
# no dirty mails
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unknown_sender_domain,
reject_unknown_recipient_domain,
# Authorized mailers
permit_sasl_authenticated,
permit_mynetworks,
# Policyd-Weight
check_policy_service inet:127.0.0.1:12525,
# Dynamic check of relay-recipients
reject_unverified_recipient,
# permit_mx_backup,
reject_unauth_destination,
permit
------------------------------------------------------------
