tir, 19.04.2005 kl. 23.56 skrev Paul Lesneiwski: > Ricardo Monta�ana G�mez wrote: > > Hello! > > > > First of all this is my environment: > > Fedora Core 3 > > postfix-2.2.2 > > courier-imap-4.0.2 > > openldap-2.2.23 > > squirrelmail-1.4.4 > > phamm-0.3.1 > > > > I've got some virtual domains configured in my ldap box and everything > > was working fine so I decided to install SM and it's working ok to view > > the mail, but the trouble is that I can't send messages to recipients > > that don't belong to my virtual domains, postfix only accepts relaying > > to authenticated users. > > This is the content of my /usr/lib/sasl2/smtpd.conf > > pwcheck_method: saslauthd > > mech_list: AUTH LOGIN PLAIN DIGEST-MD5
saslauthd/authdaemond (Courier) only do PLAIN and LOGIN, so MD5 AUTH or other methods should not be used/advertised by the MTA. Set SM up to use LOGIN or PLAIN, both work. > > I can send messages with thunderbird to anywhere I want, so I know that > > postifx is working properly. I believe that postfix+SASL+ldap only > > accepts plain authentication but I haven't found it on config.pl. > > > > What should I do? > > > > This configuration is taken from some howtos, but none of them says how > > to configure SM to send mail tru postfix when it has: > > smtpd_sasl_auth_enable = yes > > smtpd_sasl_local_domain = > > smtp_sasl_auth_enable = no > > smtpd_sasl_security_options = noanonymous > > smtpd_recipient_restrictions = > > permit_sasl_authenticated, > > reject_unauth_destination This is o.k. > > Maybe I could circumvent this adding permit_mynetworks, but I would like > > SM to authenticate like any other smtp client. On my rigs, everyone has to SASL authenticate to relay, so I have no permit_mynetworks under smtpd_recipient_restrictions. > That was going to be my suggestion. "The smtpd_recipient_restrictions > parameter restricts what recipient addresses this system accepts in RCPT > TO commands..." So how do you accept mail from anyone else > (restrictions end with permit maybe)? Why do you need SM to > authenticate if it's running on the local box? Postfix 2.1 and later make it possible to lock users in to their AUTH credentials, so, for example, [EMAIL PROTECTED] can't authenticate as joe and then send mail as fred. Unless the admin gives him express permission to do that. I'm admin for a high school and the kids are constantly trying to forge their mail addresses. Well, they can't ;) > This does NOT mean that > your other clients will be able to send w/out authenticating, you know. > But if you must, I think Erin added a one-stop "global" SMTP auth > account settings a while back. You'll have to dig in the config files, > as it may not be exposed in conf.pl. Or maybe someone else remembers, > or maybe you can search the archives (maybe devel list). I think OP might be trying to configure SM for MD5 AUTH and Postfix can't do that with saslauthd. SM 1.4.3a and 1.5.1 CVS both handle auth fine, I'm using it on two rigs. --Tonni -- Nothing sucksseeds like a pigeon without a beak ... mail: [EMAIL PROTECTED] http://www.billy.demon.nl They love us, don't they, They feed us, won't they ... ------------------------------------------------------- This SF.Net email is sponsored by: New Crystal Reports XI. Version 11 adds new functionality designed to reduce time involved in creating, integrating, and deploying reporting solutions. Free runtime info, new features, or free trial, at: http://www.businessobjects.com/devxi/728 -- squirrelmail-users mailing list Posting Guidelines: http://squirrelmail.org/wiki/wiki.php?MailingListPostingGuidelines List Address: [email protected] List Archives: http://news.gmane.org/thread.php?group=gmane.mail.squirrelmail.user List Archives: http://sourceforge.net/mailarchive/forum.php?forum_id)95 List Info: https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
