On 13.09.18 17:51, edg973 wrote:
Unfortunatly, in my config, there is in main.cf:
smtpd_sasl_auth_enable = yes
change this to "no"
In master.cf, there is :
smtp inet n - - - - smtpd -o
content_filter=spamassassin
smtps inet n - n - - smtpd -o
smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
1. where is "submission"?
2. you should modify this according to what Wietse sent:
submission inet n - n - - smtpd
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING
smtps inet n - n - - smtpd
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING
note the leading spaces in the "-o" lines. The proposed smtps service
contains the same options as you already have so you won't lose anything.
Also note that both services here require encryption (good) and disable
sending mail without authentication (good).
My goal would be to get :
port 25 : normal internet mail reception (no sasl authentication)
port 465 : smtps with sasl authentication
port 587 : submission with sasl authentication
Why "smtpd_sasl_auth_enable settings in main.cf" could not allowing this ?
"smtpd_sasl_auth_enable=yes" in main.cf enables sasl authentication
globally, which you don't want. That's why you should turn it off and only
enable it explicitly for submission and smtps services.
It's better to configure postfix according to proposed config, so you don't
have too many changes when upgrading later.
--
Matus UHLAR - fantomas, [email protected] ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Nothing is fool-proof to a talented fool.
