Re: problems sending email from dynamic IP to *some* addresses

Fri, 04 Jan 2008 11:20:40 -0800 

On Jan 4, 2008, at 10:50 AM, [EMAIL PROTECTED] wrote:


I could possibly relay my email from a remote postfix server I manage
but not sure how to set up the postfix server since the home IP address is 
dynamic.
It takes a slight amount of work, but you can always set up your postfix server to do SMTP AUTH over TLS/SSL. 

http://www.postfix.org/SASL_README.html
Additionally, I added the following configuration directives to get things to work, so that the server would ONLY offer SMTP AUTH on a secured connection (i.e., SSL connection to 465, or post-STARTTLS on a connection to 587): 

#---------------------------------------------------------------------
# authentication options

# Force auth to only happen after TLS is established.  We don't want
# to do any SMTP AUTH over unsecured links.
smtpd_tls_auth_only = yes

# Enable SASL auth
smtpd_sasl_auth_enable = yes

# Don't allow anonymous connections
smtpd_sasl_security_options = noanonymous
# What SASL domain? This should be blank unless the back-end is Kerberos. 
smtpd_sasl_local_domain =

# Make consessionsn for broken mail clients (Outlook, Outlook Express)
broken_sasl_auth_clients = yes

# What service do we present ourselves to SASL as?
smptd_sasl_application_name = smtpd

#---------------------------------------------------------------------
I also set my restrictions to only allow SASL authenticated clients to send mail: 

#---------------------------------------------------------------------
smtpd_helo_restrictions =
        permit_mynetworks
        permit_sasl_authenticated
smtpd_client_restrictions =
        permit_mynetworks
        permit_sasl_authenticated
        reject_unauth_pipelining
        reject_unknown_client
        permit
smtpd_sender_restrictions =
        permit_mynetworks
        permit_sasl_authenticated
        reject_non_fqdn_sender
        reject_unknown_sender_domain
        permit
smtpd_recipient_restrictions =
        permit_mynetworks
        permit_sasl_authenticated
        reject_unauth_destination
        reject_unknown_recipient_domain
        permit
#---------------------------------------------------------------------


The Postfix documentation is very thorough and quite complete.

Gregory

--
Gregory K. Ruiz-Ade <[EMAIL PROTECTED]>
OpenPGP Key ID: EAF4844B  keyserver: pgpkeys.mit.edu



--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list

Reply via email to