On 11/13/2012 7:03 AM, Muhammad Yousuf Khan wrote:
> On Tue, Nov 13, 2012 at 12:54 PM, Patrick Ben Koetter <p...@sys4.de> wrote:
>> * Muhammad Yousuf Khan <sir...@gmail.com>:
>>> i have been through several articles and howtos for configuring smtpd
>>> to accept credential for authenticantion but all of them are fail.
>>> postfix relay email anonymusly no matter what i configure. here is the
>>> configuration of /etc/postfix/main.cf
>>>
>>> smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
>>> smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
>>> smtpd_use_tls=yes
>>> smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
>>> smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
>>>
>>> myhostname = mailsrv.mydomain.com
>>> alias_maps = hash:/etc/aliases
>>> alias_database = hash:/etc/aliases
>>> myorigin = /etc/mailname
>>> mydestination = localhost.localdomain, localhost, mydomain.com
>>> relayhost =
>>> #mynetworks = 127.0.0.0/8, 10.XX.XX.0/24
>>> mailbox_command =
>>> mailbox_size_limit = 0
>>> recipient_delimiter = +
>>> inet_interfaces = all
>>> home_mailbox = Maildir/
>>> inet_protocols = all
>>>
>>>
>>> smtpd_sasl_auth_enable = yes
>>> smtpd_sasl_security_options = noanonymous
>>> smtpd_sasl_local_domain = $myhostname
>>> broken_sasl_auth_clients = yes
>>>
>>> smtpd_recipient_restrictions =
>>> permit_sasl_authenticated,
>>> permit_mynetworks,
>>> check_relay_domains
do NOT use check_relay_domains. Use "reject_unauth_destination"
instead.
>>>
>>> it does not affect even if I comment “mynetworks” or
>>> “permit_mynetwork” as you can see the settings mynetworks is comment
>>> out. However I am sure that SASL is configured properly because my
>>> outlook client has received SSL certificate when I created the
>>> account.
>>
>> Again: SSL is not related to SASL.
>>
>> Show log that prooves your case.
>
> Fmaster in the log is my user. here you go with the logs.
>
>
> /var/log/mail.info
>
> Nov 13 17:44:18 mailsrv dovecot: imap-login: Login: user=<fmaster>,
> method=PLAIN, rip=10.XX.XX.240, lip=10.XX.XX.100, TLS
> Nov 13 17:44:19 mailsrv dovecot: IMAP(fmaster): Disconnected in IDLE
> bytes=9/298
Unrelated dovecot logging.
> Nov 13 17:44:19 mailsrv postfix/smtpd[8756]: connect from
> ws-ykhan.mydomain.com[10.XX.XX.240]
> Nov 13 17:44:19 mailsrv postfix/smtpd[8756]: 0AEF838306:
> client=ws-ykhan.mydomain.com[10.XX.XX.240], sasl_method=LOGIN,
> sasl_username=fmas...@mailsrv.mydomain.com
A successful AUTH login. Your SASL AUTH is working.
> Nov 13 17:44:19 mailsrv postfix/cleanup[8760]: 0AEF838306: message-id=<>
> Nov 13 17:44:19 mailsrv postfix/qmgr[8258]: 0AEF838306:
> from=<fmas...@mydomain.com>, size=649, nrcpt=1 (queue active)
> Nov 13 17:44:19 mailsrv postfix/smtpd[8756]: disconnect from
> ws-ykhan.mydomain.com[10.XX.XX.240]
> Nov 13 17:44:19 mailsrv postfix/local[8762]: 0AEF838306:
> to=<fmas...@mydomain.com>, relay=local, delay=0.17, delays=0.16/0/0/0,
> dsn=2.0.0, status=sent (delivered to maildir)
> Nov 13 17:44:19 mailsrv postfix/qmgr[8258]: 0AEF838306: removed
>
>
> /var/log/mail.warn
>
> Nov 12 17:57:48 mailsrv postfix/smtpd[5379]: fatal: parameter
> "smtpd_recipient_restrictions": specify at least one working instance
> of: check_relay_domains, reject_unauth_destination, reject, defer or
> defer_if_permit
You changed something, and postfix no longer works. My guess is you
commented out smtpd_recipient_restrictions.
> Nov 12 17:57:49 mailsrv postfix/master[5277]: warning: process
> /usr/lib/postfix/smtpd pid 5379 exit status 1
> Nov 12 17:57:49 mailsrv postfix/master[5277]: warning:
> /usr/lib/postfix/smtpd: bad command startup -- throttling
> Nov 12 17:58:49 mailsrv postfix/smtpd[5425]: fatal: parameter
> "smtpd_recipient_restrictions": specify at least one working instance
> of: check_relay_domains, reject_unauth_destination, reject, defer or
> defer_if_permit
> Nov 12 17:58:50 mailsrv postfix/master[5277]: warning: process
> /usr/lib/postfix/smtpd pid 5425 exit status 1
> Nov 12 17:58:50 mailsrv postfix/master[5277]: warning:
> /usr/lib/postfix/smtpd: bad command startup -- throttling
> Nov 12 18:32:49 mailsrv dovecot: dovecot: Killed with signal 15 (by
> pid=6196 uid=0 code=kill)
...
> Nov 13 11:58:49 mailsrv postfix/smtpd[8262]: warning: support for
> restriction "check_relay_domains" will be removed from Postfix; use
> "reject_unauth_destination" instead
Don't use check_relay_domains.
If you need more help, please see
http://www.postfix.org/DEBUG_README.html#mail
-- Noel Jones
