I dont see a way to have AUTH&TLS to all of our relayhosts but not for this internal hosts.
sender_dependent_relayhost_maps = hash:/etc/postfix/relayhost_maps smtp_sender_dependent_authentication = yes smtp_sasl_password_maps = hash:/etc/postfix/smtp_auth smtp_sasl_auth_enable = yes smtp_tls_security_level = may smtp_sasl_security_options = noanonymous root@postgate01:/etc/postfix# more relayhost_maps @domain1.de [securerelay.tld]:25 @domain2.de [securerelay.tld]:25 root@postgate01:/etc/postfix# more transport domain1.de smtp:192.168.124.5:2525 domain2.de smtp:192.168.124.5:2525 So howto not use AUTH&TLS at all to 192.168.124.5:2525 ? Am Di., 11. Dez. 2018 um 20:32 Uhr schrieb Wietse Venema < wie...@porcupine.org>: > Stefan Bauer: > > Hi, > > > > we receive mails from $world and forward them to internal exchange > server. > > > > Exchange is offering STARTTLS and AUTH > > > > root@gate01:~# telnet 192.168.124.5 2525 > > Trying 192.168.124.5... > > Connected to 192.168.124.5. > > Escape character is '^]'. > > Dec 11 19:27:18 postgate01 postfix/postscreen[583]: DISCONNECT > > [client]:57636 > > Dec 11 19:27:18 postgate01 postfix/smtp[574]: 5586D101077: to=< > > odf...@customer.de>, relay=192.168.124.5[192.168.124.5]:2525, delay=11, > > delays=1/0.02/10/0, dsn=4.7.3, status=undeliverable (SASL authentication > > failed; server 192.168.124.5[192.168.124.5] said: 535 5.7.3 > Authentication > > unsuccessful) > > > > how can we ignore AUTH and STARTTLS and just go on? > > If you don't want Postfix to send AUTH to this server, > then do not configure Postfix to send AUTH to this server. > > Woeyse >