Om Asfik,
Kalo log user SASL auth biar keliatan (baik yang gagal dan yang
berhasil) apa yang harus di rubah ya? (tanpa verbos ya :D)
hasilnya cuma seperti ini saja:
May 13 15:18:24 mail postfix/smtpd[29850]: warning: x.x.x.x[202.x.x.x]:
SASL LOGIN authentication failed: UGFzc3dvcmQ6
yang saya mau, kelihatan user siapa yang gagal tsb :D
mail# postconf -n | grep sasl
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = reject_unknown_sender_domain
check_client_access hash:/usr/local/etc/postfix/client_checks
check_sender_access regexp:/usr/local/etc/postfix/sender_access
permit_mynetworks permit_sasl_authenticated
check_recipient_access hash:/usr/local/etc/postfix/recipient_access
reject_unknown_reverse_client_hostname
reject_unknown_recipient_domain reject_unauth_destination
reject_multi_recipient_bounce check_recipient_access
hash:/usr/local/etc/postfix/roleaccount_exceptions
reject_non_fqdn_sender reject_non_fqdn_recipient
reject_non_fqdn_hostname reject_invalid_hostname
reject_unauth_pipelining check_sender_access
hash:/usr/local/etc/postfix/rhsbl_sender_exceptions
check_policy_service inet:127.0.0.1:12525 reject_rhsbl_sender
blackholes.mail-abuse.org permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_restrictions = permit_sasl_authenticated permit_mynetworks
Thanks,
Angky R
as...@its.ac.id wrote:
----- "Imam Cartealy" <carte...@yahoo.co.id> wrote:
mynetworks = 127.0.0.0/8 10.10.0.0/16
smtpd_recipient_restrictions =
permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
Kalau diartikan secara harfiah, kira-kira restriksinya adalah sebagai berikut
(orders matter):
- Ijinkan user yang sukses authentikasi SASL (permit_sasl_authenticated)
- Ijinkan user dari network 27.0.0.0/8 10.10.0.0/16 (permit_mynetworks)
- Tolak ke tujuan (domain) yg tidak diijinkan (tidak terdaftar di
mydestinations, relay_domains dll)
Jadi, kalau mau dipaksa agar yang bisa menggunakan SMTP harus auth dulu ya
tinggal dihilangkan permit_mynetworks :-).
Kira-kira begitu.
Rgds,
Asfihani