El lun, 08-12-2008 a las 11:45 -0600, J.P. Trosclair escribió:
> Miguel Angel Cañedo wrote:
> > Hi I have set up my postfix server:
> > Every SMTP connection from evolution works.
> > Every SMTP connection from Outlook fails (smtp authentication is marked)
> > they get 554 5.7.1 <some IP>: Client host rejected. Access denied.
> >
> > This is driving me nuts, any help will be grat, thanks in advance
> >
> > Here are my files:
> >
> > main.cf
> > ***************
> > # See /usr/share/postfix/main.cf.dist for a commented, more complete
> > version
> >
> >
> > # Debian specific: Specifying a file name will cause the first
> > # line of that file to be used as the name. The Debian default
> > # is /etc/mailname.
> > #myorigin = /etc/mailname
> >
> > smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
> > biff = no
> >
> > # appending .domain is the MUA's job.
> > append_dot_mydomain = no
> >
> > # Uncomment the next line to generate "delayed mail" warnings
> > delay_warning_time = 4h
> >
> > readme_directory = no
> >
> > # TLS parameters
> > smtpd_tls_cert_file = /etc/ssl/certs/smtpd.crt
> > smtpd_tls_key_file = /etc/ssl/private/smtpd.key
> > smtpd_use_tls = yes
> > smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
> > smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
> >
> > # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
> > # information on enabling SSL in the smtp client.
> >
> > myhostname = mydomain.com
> > alias_maps = hash:/etc/aliases
> > alias_database = hash:/etc/aliases
> > myorigin = /etc/mailname
> > mydestination = mydomain.com, localhost.localdomain, localhost
> > relayhost =
> > #mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 172.16.0.0/16
> > mynetworks = 127.0.0.0/8
> > mailbox_size_limit = 0
> > recipient_delimiter = +
> > inet_interfaces = all
> > inet_protocols = ipv4
> > home_mailbox = Maildir/
> > smtpd_sasl_type = dovecot
> > smtpd_sasl_path = private/auth-client
> > smtpd_sasl_local_domain =
> > #mcanedo noanonymous
> > smtpd_sasl_security_options = noanonymous
> > broken_sasl_auth_clients = yes
> > smtpd_sasl_auth_enable = yes
> >
> > smtpd_recipient_restrictions =
> > permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination,reject_rbl_client
> > dnsbl.sorbs.net,check_policy_service inet:127.0.0.1:60000
> >
> > #smtpd_recipient_restrictions =
> > permit_sasl_authenticated,permit_mynetworks,check_relay_domains
> >
> > #smtpd_reject_unlisted_recipient = no
> >
> > smtpd_tls_auth_only = no
> > smtp_use_tls = yes
> > smtpd_use_tls = yes
> > smtp_tls_note_starttls_offer = yes
> > smtpd_tls_CAfile = /etc/ssl/certs/cacert.pem
> > smtpd_tls_loglevel = 1
> > smtpd_tls_received_header = yes
> > smtpd_tls_session_cache_timeout = 3600s
> > tls_random_source = dev:/dev/urandom
> > content_filter = smtp-amavis:[127.0.0.1]:10024
> >
> > #Indicar que vaya a buscarar el transporte elegido (como smtproutes en
> > qmail)
> > #transport_maps = hash:/etc/postfix/transport
> > #todo via no-ip
> > default_transport=smtp:smtp-auth.no-ip.com:3325
> >
> >
> > #Archivo con Contraseña para servidores relay (ej. no-ip)
> > smtp_sender_dependent_authentication = yes
> > smtp_sasl_auth_enable = yes
> > smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
> >
> >
> > local_recipient_maps =
> > ***************
> >
> > master.cf
> > ***************
> > # maildrop. See the Postfix MAILDROP_README file for details.
> > # Also specify in main.cf: maildrop_destination_recipient_limit=1
> > #
> > maildrop unix - n n - - pipe
> > flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
> > #
> > # See the Postfix UUCP_README file for configuration details.
> > #
> > uucp unix - n n - - pipe
> > flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail
> > ($recipient)
> > #
> > # Other external delivery methods.
> > #
> > ifmail unix - n n - - pipe
> > flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
> > bsmtp unix - n n - - pipe
> > flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender
> > $recipient
> > scalemail-backend unix - n n - 2 pipe
> > flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store
> > ${nexthop} ${user} ${extension}
> > mailman unix - n n - - pipe
> > flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
> > ${nexthop} ${user}
> >
> > #mcanedo: Añadido para amavis FILTRS antivirus y spam
> > smtp-amavis unix - - - - 2 smtp
> > -o smtp_data_done_timeout=1200
> > -o smtp_send_xforward_command=yes
> > -o disable_dns_lookups=yes
> > -o max_use=20
> >
> > 127.0.0.1:10025 inet n - - - - smtpd
> > -o content_filter=
> > -o local_recipient_maps=
> > -o relay_recipient_maps=
> > -o smtpd_restriction_classes=
> > -o smtpd_delay_reject=no
> > -o smtpd_client_restrictions=permit_mynetworks,reject
> > -o smtpd_helo_restrictions=
> > -o smtpd_sender_restrictions=
> > -o smtpd_recipient_restrictions=permit_mynetworks,reject
> > -o smtpd_data_restrictions=reject_unauth_pipelining
> > -o smtpd_end_of_data_restrictions=
> > -o mynetworks=127.0.0.0/8
> > -o smtpd_error_sleep_time=0
> > -o smtpd_soft_error_limit=1001
> > -o smtpd_hard_error_limit=1000
> > -o smtpd_client_connection_count_limit=0
> > -o smtpd_client_connection_rate_limit=0
> > -o
> > receive_override_options=no_header_body_checks,no_unknown_recipient_checks
> > ***************
>
>
> This could be a problem with dovecot. Do you have login enabled as an
> authentication mechanism?
>
> From http://wiki.dovecot.org/Authentication/Mechanisms:
> Another plaintext mechanism is LOGIN. It's typically used only by SMTP
> servers to let Outlook clients perform SMTP authentication. Note that
> LOGIN mechanism is not the same as IMAP's LOGIN command. The LOGIN
> command is internally handled using PLAIN mechanism.
>
> J.P.
Enabling login worked!
Thanks!
