John wrote:
> Sandy Drobic wrote:
>> Please post the output of "postconf -n" , /etc/postfix/master.cf (without
>> the comments) and the options that are available in your mobile phone for
>> authentication.
>>
>>
> Thanks, Sandy, Postfix is now logging. Where can I find its output to
> syslog?
Postfix logs to mail.*, where Syslog is depositing the facility mail is
configured in /etc/syslogd.conf (or /etc/syslog-ng/syslog-ng.conf).
> As for its configuration, both files attached as requested. My Nokia
> 9300i supports SMTP auth. For additional information, it sends happily
> using my internal wireless network but not through my service provider's
> internet connection.
No wonder, according to your config it doesn't need to authenticate within
your network. (^-^)
>
>
> ------------------------------------------------------------------------
>
> broken_sasl_auth_clients = yes
> inet_interfaces = all
> inet_protocols = all
> mydestination = $myhostname, localhost.$mydomain, DMJ-Consultancy.co.uk,
> DMJ-Consultancy.me.uk, DMJ-Consultancy.org.uk
> myhostname = General.DMJ-Consultancy.local
> mynetworks = 127.0.0.0/8, 192.168.74.0/24, 192.168.80.0/24, 10.0.0.0/24
> relay_clientcerts = hash:/etc/postfix/relay_ccerts
> smtpd_helo_required = no
If this server is connected to the internet (as it appears) I suggest you
change this to "yes". Every client is required to send helo.
> smtpd_recipient_restrictions = permit_mynetworks,
> permit_sasl_authenticated,
> permit_tls_clientcerts,
> reject_unauth_destination
Okay. Though you haven't used any restrictions to reject spam or viruses.
> smtpd_sasl_application_name = smtpd
> smtpd_sasl_auth_enable = no
Unless you "yes" here, Postfix will not offer the option to authenticate.
> smtpd_sasl_local_domain =
> smtpd_sasl_security_options = noanonymous, noplaintext
> smtpd_sasl_tls_security_options = noanonymous
Now it gets a little tricky. The options themselves are reasonable,
provided your server can offer auth mechanism other than PLAIN and LOGIN.
To see what your server can offer please post the output of
"ls -l /usr/lib/sasl2" and the content of /usr/lib/sasl2/smtpd.conf.
If you are using Cyrus as Imapserver and saslauthd for authentication, you
are out of luck. Saslauthd only supports plaintext mechanisms (PLAIN and
LOGIN).
> smtpd_sender_restrictions = hash:/etc/postfix/access
Explicitely written, this is would be:
smtpd_sender_restrictions =
check_sender_access hash:/etc/postfix/access
Please be aware, that this will affect ALL mails (you didn't set
"permit_mynetworks" or "permit_sasl_authenticated" before this check).
Unless you really use this file I suggest you remove this line.
> smtpd_tls_CAfile = /Working.Files/Company/Certificates/ssl/Authority/CA.crt
> smtpd_tls_ask_ccert = yes
> smtpd_tls_auth_only = yes
This will only offer smtp auth if the client uses TLS encrypted
connections to authenticate. If you mobile phone doesn't support STARTTLS
you are again out of luck.
> smtpd_tls_cert_file =
> /Working.Files/Company/Certificates/ssl/Certificate/PostOffice.DMJ-Consultancy.me.uk.unc
> smtpd_tls_key_file =
> /Working.Files/Company/Certificates/ssl/Key/PostOffice.DMJ-Consultancy.me.uk.unc
> smtpd_tls_loglevel = 0
> smtpd_tls_req_ccert = yes
> smtpd_use_tls = yes
These settings are okay.
--
Sandy
List replies only please!
Please address PMs to: news-reply2 (@) japantest (.) homelinux (.) com
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
