* [email protected] <[email protected]>:
> here are my postconf -n data, I removed some sensitive data, but I think
> this should be enough for debugging:
>
> alias_maps = hash:/etc/aliases
> append_dot_mydomain = no
Debian, eh?
> biff = no
> broken_sasl_auth_clients = yes
> config_directory = /etc/postfix
> home_mailbox = .mailbox/
> inet_protocols = ipv4
That's default. You don't need to set $inet_protocols.
> mailbox_command = /usr/lib64/dovecot/deliver
> mydestination = <all domains>, localhost
> myhostname = <main domain>
myhostname = $mydomain
> mynetworks = localhost <IP and domain>
Do not add a host or domainname to $mynetworks. It will work ONLY if your DNS
works and Postfix is able to resolve the domain or hostname. Rather go this
way:
mynetworks = 127.0.0.0/8, <IP/range>
> myorigin = /etc/mailname
This setting is often broken on Debian systems. I recommend using the hosts
real name as $myorigin applies to system accounts:
myorigin = $myhostname
If you do this don't forget to add $myhostname to the list of domains in
$mydestinations.
> readme_directory = no
> recipient_delimiter = +
> relayhost =
> smtp_sasl_auth_enable = no
> smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
> smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
> smtpd_client_restrictions =
> smtpd_data_restrictions = reject_unauth_pipelining
> smtpd_helo_required = yes
> smtpd_helo_restrictions = reject_invalid_hostname
You have this:
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
reject_invalid_hostname,
reject_unknown_sender_domain,
check_policy_service inet:127.0.0.1:10023
I recommend rearranging and adding some options at the beginning. They assure
you only send mail that actually can be transported to other hosts:
smtpd_recipient_restrictions =
reject_non_fqdn_sender,
reject_non_fqdn_recipient,,
reject_unknown_sender_domain,
reject_unknown_recipient_domain,
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
reject_invalid_hostname,
check_policy_service inet:127.0.0.1:10023
> smtpd_sasl_auth_enable = yes
> smtpd_sasl_local_domain =
> smtpd_sasl_path = smtpd
> smtpd_sasl_security_options = noanonymous
> smtpd_sasl_type = cyrus
$smtpd_sasl_type defaults to cyrus. You don't need to set it.
> smtpd_sender_restrictions = reject_non_fqdn_sender,
> reject_unknown_sender_domain
Drop smtpd_sender_restrictions if you follow my recommendation from above on
smtpd_recipient_restrictions.
> smtpd_tls_auth_only = yes
> smtpd_tls_cert_file = <ssl pem>
> smtpd_tls_key_file = <ssl key>
> smtpd_tls_security_level = may
> smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
So far so good. You might want to spend more time adding more anti-spam stuff.
Your sending problem could/should be gone once you "localhost" in
$mynetworks with "127.0.0.0/8".
If not run the Postfix smtpd daemon verbose by adding '-v' at the end of the
line that invokes smtpd in master.cf. You should probably send the output to
the Postfix mailing list. If you want help in German subscribe
[email protected]. I will be there ... ;)
p@rick
--
state of mind ()
http://www.state-of-mind.de
Franziskanerstraße 15 Telefon +49 89 3090 4664
81669 München Telefax +49 89 3090 4666
Amtsgericht München Partnerschaftsregister PR 563
--
[email protected]
https://inverse.ca/sogo/lists
