Perfect answer, I appreciate it. I will do like You adviced. I have few
questions more about configuration:
"> smtpd_sasl_tls_security_options=noanonymous,noplaintext
Unless you're doing GSSAPI, most of the other options require a
store of the actual unhashed passwords on the server, and far
- Message from Viktor Dukhovni -
Date: Thu, 27 Apr 2017 13:01:16 -0400
From: Viktor Dukhovni
Reply-To: Postfix users
Subject: Re: SASL auth only on port 25
To: Postfix users
> On Apr 27, 2017, at 12:45 PM, Simon Wilson wrote:
>
> smtpd_recipient_restrictions =
>check_client_access hash:/etc/postfix/client_checks,
>permit_mynetworks,
>permit_sasl_authenticated,
>check_sender_access
- Message from Viktor Dukhovni -
Date: Thu, 27 Apr 2017 15:07:02 +
From: Viktor Dukhovni
Reply-To: postfix-users@postfix.org
Subject: Re: SASL auth only on port 25
To: postfix-users@postfix.org
On Thu, Apr
> On Apr 27, 2017, at 12:21 PM, Michael Segel wrote:
>
> You raise a very valid point in some of your emails.
>
> There’s a lot of garbage “How To” when it comes to postfix and dovecot and
> others…
>
> What are some good resources? (e-books, blogs, etc …)
>
>
- Message from Viktor Dukhovni -
Date: Thu, 27 Apr 2017 12:00:22 -0400
From: Viktor Dukhovni
Reply-To: Postfix users
Subject: Re: SASL auth only on port 25
To: Postfix users
> On Apr 27, 2017, at 11:54 AM, Simon Wilson wrote:
>
>> # -o smtpd_client_restrictions=$mua_client_restrictions
>># -o smtpd_helo_restrictions=$mua_helo_restrictions
>># -o smtpd_sender_restrictions=$mua_sender_restrictions
>>
>>>
> I cannot find much
# -o smtpd_client_restrictions=$mua_client_restrictions
# -o smtpd_helo_restrictions=$mua_helo_restrictions
# -o smtpd_sender_restrictions=$mua_sender_restrictions
I cannot find much about these variables - do these just set to what
has already been loaded from those sections
On Thu, Apr 27, 2017 at 06:55:37AM +0200, Poliman - Serwis wrote:
> Is between dovecot and postfix some communication?
None to the IMAP service, and especially nothing that involves
smtpd(8) TLS settings.
> tls_ssl_options = no_ticket, no_compression
You've been reading and following some
- Message from Viktor Dukhovni -
Date: Thu, 27 Apr 2017 15:07:02 +
From: Viktor Dukhovni
Reply-To: postfix-users@postfix.org
Subject: Re: SASL auth only on port 25
To: postfix-users@postfix.org
On Thu, Apr
On Thu, Apr 27, 2017 at 10:06:49AM -0500, Noel Jones wrote:
> > It looks like some kind of problem negotiating TLS, but other sites
> > can send me email using TLS with no problems. I am using a
> > self-signed certificate.
> >
> > Any ideas what is wrong and how to fix it?
>
> A self-signed
Port 25 is for MTA unauthenticated traffic, with optional TLS, and
587 requires TLS and sasl auth for MUA submission. The server is
functioning fine for mail submission on 587 and MTA function on port
25, but I am seeing saslauthd authentication failures in maillog e.g.:
Apr 26 18:16:23 server04
On Thu, Apr 27, 2017 at 09:56:39AM -0500, Noel Jones wrote:
> Looks OK, but the "Bind to ldap server failed" errors would seem to
> be a config error in your saslauthd.
Not necessarily. One common method of varifying user passwords is
to attempt to "bind" to LDAP with the username and password
On Thu, Apr 27, 2017 at 11:51:06PM +1000, Simon Wilson wrote:
> 1. At the moment when a bot knocks on the postfix server I see
> postfix/smtpd[pid] etc. in maillog: can that message show if the knock is on
> port 25 or 587?
Sufficiently new versions of the stock Postfix master.cf file have:
On 4/26/2017 11:00 PM, Simon Matthews wrote:
> I see the following lines in my logs:
> Apr 26 20:53:30 xenvps postfix/smtpd[19000]: connect from
> mail-sn1nam01on0125.outbound.protection.outlook.com[104.47.32.125]
> Apr 26 20:53:30 xenvps postfix/smtpd[19000]: setting up TLS connection
> from
Poliman - Serwis:
> Is between dovecot and postfix some communication? On totally default
Dovecot does not read Postfix config files.
> Before setup those lines in main.cf, dovecot didn't cry any error in log.
Correlation is not causation.
Wietse
On 4/27/2017 8:51 AM, Simon Wilson wrote:
> Port 25 is for MTA unauthenticated traffic, with optional TLS, and
> 587 requires TLS and sasl auth for MUA submission. The server is
> functioning fine for mail submission on 587 and MTA function on port
> 25, but I am seeing saslauthd authentication
I’d upgrade the version of Centos 5 is kind of old.
> On Apr 27, 2017, at 8:51 AM, Simon Wilson wrote:
>
> Hi all, I'm tightening up my (pre-postscreen postfix 2.3.3 on CentOS 5) mail
> server as I get quite a few hits on the open ports from bot nets trying to
>
Hi all, I'm tightening up my (pre-postscreen postfix 2.3.3 on CentOS
5) mail server as I get quite a few hits on the open ports from bot
nets trying to auth. Getting ready to migrate off it - more on that
later.
Port 25 is for MTA unauthenticated traffic, with optional TLS, and 587
It can be deleted. Posted on wrong mailing list.
2017-04-27 10:18 GMT+02:00 wilfried.es...@essignetz.de <
wilfried.es...@essignetz.de>:
> Your loglines seem to come from "dovecot: imap-login".
>
> Does your postfix makes imap logins? Mine doesn't do that.
>
> But it should be possible by way of
Your loglines seem to come from "dovecot: imap-login".
Does your postfix makes imap logins? Mine doesn't do that.
But it should be possible by way of using smtp-auth that tests logins
against an imap server. Do you have this? Then, why didn't you provide
the according loglines from your postfix?
21 matches
Mail list logo