Thanks Mihira very thanks.It works like below: ------------------------------ smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfix/recipient_access reject_unlisted_recipient check_relay_domains reject_anunth_destination reject_unverified_recipient reject_unknown_recipient_domain reject_unauth_destination
smtpd_sender_login_maps = hash:/etc/postfix/sender_login_maps smtpd_reject_unlisted_sender = yes smtpd_reject_unlisted_recipient = yes smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_login_maps reject_unknown_sender_domain warn_if_reject reject_non_fqdn_sender reject_unauthenticated_sender_login_mismatch reject_unlisted_sender reject_unverified_sender reject_sender_login_mismatch ------------------------------ I configure mail server for smtp authentication and I added some parametres like below: smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous smtpd_sasl_local_domain = abc.def and smtpd.conf contains: # *** sasldb *** pwcheck_method: auxprop mech_list:digest-md5 cram-md5 # ********************************* and I added user sasldb2 like below: # saslpasswd2 -c -u abc.def -a smtpauth <username> and write # sasldblistusers2 <username>@abc.def: userPassword and telnet to mail server # telnet <mail server> 25 ehlo <mailserver> 250-server.abc.def 250-PIPELINING 250-SIZE 10240000 250-VRFY 250-ETRN 250-STARTTLS 250-AUTH DIGEST-MD5 CRAM-MD5 250-AUTH=DIGEST-MD5 CRAM-MD5 250 8BITMIME and change sender_recipient_restriction like below: smtpd_sender_restrictions = reject_sender_login_mismatch check_sender_access hash:/etc/postfix/sender_login_maps reject_unknown_sender_domain warn_if_reject reject_non_fqdn_sender reject_unauthenticated_sender_login_mismatch reject_unlisted_sender reject_unverified_sender in short,I moved "reject_sender_login_mismatch" at the top of list. and create mail account on client with thunderbird and evolution. on thunderbird configure smtp server setting and I DIDNT click "security and authentication" checkbox. and I tried send mail other mail account. mail server alert(1) me "Sender address reject:not logged in <[EMAIL PROTECTED]>...." Its NORMALLY ok. and I clicked "security and authentication" checkbox and wrote username and password.I wrote username without @ abc.def because of smtpd_sasl_local_domain = abc.def ! and tried again send mail. Alert(2) is "Sender address reject:not own by user <[EMAIL PROTECTED]> please verify mail address.....". Open mail.log files and check it. Sender address rejected: not owned by user [EMAIL PROTECTED]; from=< [EMAIL PROTECTED]> to=<[EMAIL PROTECTED]> proto=ESMTP helo=<[x.y.z.k]> I am using courier-imap and each users account username is <username> NOT < [EMAIL PROTECTED]> Problem is: account username and sasldb username NOT same. courier-imap use authmodulelist="authpam authcram".I cant use "@" unix username and sasldb want to @ abc.def so courier username ans sasldb username never be same. I think I have to user authmodulelist="authuserdb" so what do you think about this ? If you have different idea or solve without use authmodulelist="authuserdb" .Please share with me. Thanks all.
