Re: error ssl stacked error routines

2017-04-27 Thread Poliman - Serwis
Perfect answer, I appreciate it. I will do like You advised. I have few questions more about configuration: "> smtpd_sasl_tls_security_options=noanonymous,noplaintext Unless you're doing GSSAPI, most of the other options require a store of the actual unhashed passwords on the server, and far

Re: SASL auth only on port 25

2017-04-27 Thread Simon Wilson
- Message from Viktor Dukhovni - Date: Thu, 27 Apr 2017 13:01:16 -0400 From: Viktor Dukhovni Reply-To: Postfix users Subject: Re: SASL auth only on port 25 To: Postfix users

Re: SASL auth only on port 25

2017-04-27 Thread Viktor Dukhovni
> On Apr 27, 2017, at 12:45 PM, Simon Wilson wrote: > > smtpd_recipient_restrictions = >check_client_access hash:/etc/postfix/client_checks, >permit_mynetworks, >permit_sasl_authenticated, >check_sender_access

Re: SASL auth only on port 25

2017-04-27 Thread Simon Wilson
- Message from Viktor Dukhovni - Date: Thu, 27 Apr 2017 15:07:02 + From: Viktor Dukhovni Reply-To: postfix-users@postfix.org Subject: Re: SASL auth only on port 25 To: postfix-users@postfix.org On Thu, Apr

Re: SASL auth only on port 25

2017-04-27 Thread Viktor Dukhovni
> On Apr 27, 2017, at 12:21 PM, Michael Segel wrote: > > You raise a very valid point in some of your emails. > > There’s a lot of garbage “How To” when it comes to postfix and dovecot and > others… > > What are some good resources? (e-books, blogs, etc …) > >

Re: SASL auth only on port 25

2017-04-27 Thread Simon Wilson
- Message from Viktor Dukhovni - Date: Thu, 27 Apr 2017 12:00:22 -0400 From: Viktor Dukhovni Reply-To: Postfix users Subject: Re: SASL auth only on port 25 To: Postfix users

Re: SASL auth only on port 25

2017-04-27 Thread Viktor Dukhovni
> On Apr 27, 2017, at 11:54 AM, Simon Wilson wrote: > >> # -o smtpd_client_restrictions=$mua_client_restrictions >># -o smtpd_helo_restrictions=$mua_helo_restrictions >># -o smtpd_sender_restrictions=$mua_sender_restrictions >> >>> > I cannot find much

Re: SASL auth only on port 25

2017-04-27 Thread Simon Wilson
   #  -o smtpd_client_restrictions=$mua_client_restrictions    #  -o smtpd_helo_restrictions=$mua_helo_restrictions    #  -o smtpd_sender_restrictions=$mua_sender_restrictions   I cannot find much about these variables - do these just set to what has already been loaded from those sections

Re: error ssl stacked error routines

2017-04-27 Thread Viktor Dukhovni
On Thu, Apr 27, 2017 at 06:55:37AM +0200, Poliman - Serwis wrote: > Is between dovecot and postfix some communication? None to the IMAP service, and especially nothing that involves smtpd(8) TLS settings. > tls_ssl_options = no_ticket, no_compression You've been reading and following some

Re: SASL auth only on port 25

2017-04-27 Thread Simon Wilson
- Message from Viktor Dukhovni - Date: Thu, 27 Apr 2017 15:07:02 + From: Viktor Dukhovni Reply-To: postfix-users@postfix.org Subject: Re: SASL auth only on port 25 To: postfix-users@postfix.org On Thu, Apr

Re: TLS errors when receiving from outlook.com

2017-04-27 Thread Viktor Dukhovni
On Thu, Apr 27, 2017 at 10:06:49AM -0500, Noel Jones wrote: > > It looks like some kind of problem negotiating TLS, but other sites > > can send me email using TLS with no problems. I am using a > > self-signed certificate. > > > > Any ideas what is wrong and how to fix it? > > A self-signed

Re: SASL auth only on port 25

2017-04-27 Thread Simon Wilson
Port 25 is for MTA unauthenticated traffic, with optional TLS, and 587 requires TLS and sasl auth for MUA submission. The server is functioning fine for mail submission on 587 and MTA function on port 25, but I am seeing saslauthd authentication failures in maillog e.g.: Apr 26 18:16:23 server04

Re: SASL auth only on port 25

2017-04-27 Thread Viktor Dukhovni
On Thu, Apr 27, 2017 at 09:56:39AM -0500, Noel Jones wrote: > Looks OK, but the "Bind to ldap server failed" errors would seem to > be a config error in your saslauthd. Not necessarily. One common method of verifying user passwords is to attempt to "bind" to LDAP with the username and password

Re: SASL auth only on port 25

2017-04-27 Thread Viktor Dukhovni
On Thu, Apr 27, 2017 at 11:51:06PM +1000, Simon Wilson wrote: > 1. At the moment when a bot knocks on the postfix server I see > postfix/smtpd[pid] etc. in maillog: can that message show if the knock is on > port 25 or 587? Sufficiently new versions of the stock Postfix master.cf file have:

Re: TLS errors when receiving from outlook.com

2017-04-27 Thread Noel Jones
On 4/26/2017 11:00 PM, Simon Matthews wrote: > I see the following lines in my logs: > Apr 26 20:53:30 xenvps postfix/smtpd[19000]: connect from > mail-sn1nam01on0125.outbound.protection.outlook.com[104.47.32.125] > Apr 26 20:53:30 xenvps postfix/smtpd[19000]: setting up TLS connection > from

Re: error ssl stacked error routines

2017-04-27 Thread Wietse Venema
Poliman - Serwis: > Is between dovecot and postfix some communication? On totally default Dovecot does not read Postfix config files. > Before setup those lines in main.cf, dovecot didn't cry any error in log. Correlation is not causation. Wietse

Re: SASL auth only on port 25

2017-04-27 Thread Noel Jones
On 4/27/2017 8:51 AM, Simon Wilson wrote: > Port 25 is for MTA unauthenticated traffic, with optional TLS, and > 587 requires TLS and sasl auth for MUA submission. The server is > functioning fine for mail submission on 587 and MTA function on port > 25, but I am seeing saslauthd authentication

Re: SASL auth only on port 25

2017-04-27 Thread Michael Segel
I’d upgrade the version of Centos 5 is kind of old. > On Apr 27, 2017, at 8:51 AM, Simon Wilson wrote: > > Hi all, I'm tightening up my (pre-postscreen postfix 2.3.3 on CentOS 5) mail > server as I get quite a few hits on the open ports from bot nets trying to >

SASL auth only on port 25

2017-04-27 Thread Simon Wilson
Hi all, I'm tightening up my (pre-postscreen postfix 2.3.3 on CentOS 5) mail server as I get quite a few hits on the open ports from bot nets trying to auth. Getting ready to migrate off it - more on that later. Port 25 is for MTA unauthenticated traffic, with optional TLS, and 587

Re: confused with ssl settings and some error - need help

2017-04-27 Thread Poliman - Serwis
It can be deleted. Posted on wrong mailing list. 2017-04-27 10:18 GMT+02:00 wilfried.es...@essignetz.de < wilfried.es...@essignetz.de>: > Your loglines seem to come from "dovecot: imap-login". > > Does your postfix make imap logins? Mine doesn't do that. > > But it should be possible by way of

Re: confused with ssl settings and some error - need help

2017-04-27 Thread wilfried.es...@essignetz.de
Your loglines seem to come from "dovecot: imap-login". Does your postfix make imap logins? Mine doesn't do that. But it should be possible by way of using smtp-auth that tests logins against an imap server. Do you have this? Then, why didn't you provide the according loglines from your postfix?