Dear Colleagues, I`m trying to configure authenticated relay server (SASL) using RHEL Postfix 2.6.6.
System will transport E-mails only from authenticated clients. 1) Most of that clients are in the same subnet, does it make sense to authtenicate that clients with passwords ? Do we need to use sasl if host is in the same subnet ? 2) How to understand, permit_mynetworks and permit_sasl_authenticated. If host is mentioned in the mynetworks list, what will happend with it if we will use that settings: smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, reject Postfix will also ask for user name and password ? I`m strugling that topic since days and I do not how to manage that. SASL documentation from Wietse I read already multiple times, but it still not working. Does any one can send me client / server (main.cf) config which is working. Maybe somebody here will be able to support me. Here is my client configuration main.cf: # SASL client configuration smtp_sasl_auth_enable = yes smtp_tls_security_level = encrypt smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_sasl_security_options = noanonymous #smtp_sasl_mechnism_filter = digest-md5 broken_sasl_auth_clients = yes smtp_use_tls=yes smtp_sasl_auth_enable = yes # #################### and here You have my server configuration: #TLS Server configuration smtpd_use_tls = yes smtpd_tls_auth_only = yes smtpd_tls_key_file = /etc/postfix/ssl/mail.domain.tld.key smtpd_tls_cert_file = /etc/postfix/ssl/mail.domain.tld.crt smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem tls_random_source = dev:/dev/urandom # SASL configuration - user authentication smtpd_sasl_path = smtpd smtpd_sasl_auth_enable = yes broken_sasl_auth_clients = yes smtp_sasl_security_options = noanonymous smtp_sasl_mechanism_filter = plain, login smtpd_client_restrictions = permit_mynetworks, reject smtpd_helo_restrictions = reject_unknown_helo_hostname smtpd_sender_restrictions = reject_unknown_sender_domain smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, reject smtpd_recipient_restrictions = permit_sasl_authenticated, reject My sasl configuration is located in /etc/postfix/sasl/smtpd.conf. pwcheck_method: saslauthd mech_list: PLAIN LOGIN Thanks in advance for Your support Zalezny
