Joe Strusz wrote:
<big snip>
I don't see your smtpd_recipient_restrictions in that list, but it looks
like you cut and pasted rather than did a postconf -n. Do the logs say
antyhing interesting as well?
In any case here's what works for me.
/etc/postfix/main.cf
# SASL setting
smtpd_sasl_auth_enable = yes
smtpd_sasl2_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_local_domain =
# TLS Settings
smtpd_use_tls = yes
#smtpd_tls_auth_only = yes
smtpd_tls_key_file = /etc/postfix/newreq.pem
smtpd_tls_cert_file = /etc/postfix/newcert.pem
smtpd_tls_CAfile = /etc/postfix/cacert.pem
smtpd_tls_loglevel = 3
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
# setting restrictions and order
smtpd_recipient_restrictions =
reject_invalid_hostname,
reject_non_fqdn_hostname,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unknown_sender_domain,
reject_unknown_recipient_domain,
reject_unauth_pipelining,
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
permit
/etc/sasl2/smtpd.conf
pwcheck_method: saslauthd
mech_list: plain login
/etc/conf.d/saslauthd
SASLAUTHD_OPTS=""
SASLAUTHD_OPTS="${SASLAUTH_MECH} -a pam"
/etc/init.d/saslauthd restart
/etc/init.d/postfix restart
kashani
--
gentoo-user@gentoo.org mailing list
