I have changed postfix configuration , this is my new postconf -n:
alias_database = hash:/etc/aliases
alias_maps = $alias_database
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/lib/postfix
debug_peer_level = 2
delay_warning_time = 4h
disable_dns_lookups = yes
disable_vrfy_command = yes
home_mailbox = Maildir/
inet_interfaces = all
mail_spool_directory = /var/spool/mail
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
mydestination = $myhostname, /etc/postfix/local_domains, $mydomain,
remailer.$mydomain ,ns2.$mydomain ,www.$mydomain ,localhost.$mydomain,
localhost
mydomain = gabrix.ath.cx
myhostname = mail.gabrix.ath.cx
mynetworks = 127.0.0.0/8, 10.0.0.0/8
mynetworks_style = subnet
myorigin = $myhostname
recipient_delimiter = +
relay_domains = hash:/etc/postfix/relay_domains
sender_dependent_relayhost_maps = hash:/etc/postfix/sender_relay
show_user_unknown_table_name = no
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sender_dependent_authentication = yes
smtp_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtp_tls_cert_file = /etc/postfix/ssl/smtpcert.pem
smtp_tls_key_file = /etc/postfix/ssl/smtpkey.pem
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP $mail_name (Open/OS)
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_auth_only = no
smtpd_tls_cert_file = /etc/postfix/ssl/smtpcert.pem
smtpd_tls_key_file = /etc/postfix/ssl/smtpkey.pem
smtpd_tls_received_header = no
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtpd_use_tls = yes
transport_maps = hash:/etc/postfix/transport
I also found a better way to explain in english what i'm trying to do:
i want postfix to use smtp.gmail.com as relayhost for users in $mydomain.
Users in host.mydomain mail is only local, like logcheck mail .
Users in my host2.subdomain.mydomain are going to use the local
postfix which is not going to use smtp.gmail.com as relayhost in this
case.
First i listed in /etc/postfix/local_domains my two destination
domains, $mydomain and subdomain.$mydomain, than in relay_domains i
listed which domains that are OK to relay .
It sounded ok to me also the "sender_dependent_relayhost_maps"
directive in this form:
[EMAIL PROTECTED] [smtp.gmail.com]
[EMAIL PROTECTED] [smtp.mydomain]
[EMAIL PROTECTED] [smtp.mydomain]
[EMAIL PROTECTED] [smtp.mydomain]
and the transport map in this form:
mydomain smtp:[smtp.gmail.com]
host1.mydomain local:
subdomain.mydomain smtp:
guestdomain smtp:
This should , IMHHHHHHO , make my local postfix use gmail.com as
relayhost for user in @mydomain , listed guests domains not use any
relayhost for sending in internet and users in $myorigin just local
delivery .
This my firsts logs after the change , things are not right , yet !
Jul 30 14:35:11 mail postfix/pickup[16186]: 81BD6B6EFA: uid=1000
from=<[EMAIL PROTECTED]>
Jul 30 14:35:11 mail postfix/cleanup[16705]: 81BD6B6EFA:
message-id=<[EMAIL PROTECTED]>
Jul 30 14:35:11 mail postfix/qmgr[16187]: 81BD6B6EFA:
from=<[EMAIL PROTECTED]>, size=2106, nrcpt=1 (queue active)
Jul 30 14:35:14 mail postfix/smtp[16707]: certificate verification
failed for smtp.gmail.com: num=20:unable to get local issuer
certificate
Jul 30 14:35:14 mail postfix/smtp[16707]: certificate verification
failed for smtp.gmail.com: num=27:certificate not trusted
Jul 30 14:35:14 mail postfix/smtp[16707]: certificate verification
failed for smtp.gmail.com: num=21:unable to verify the first
certificate
Jul 30 14:35:14 mail postfix/smtp[16707]: warning: SASL authentication
failure: No worthy mechs found
Jul 30 14:35:14 mail postfix/smtp[16707]: 81BD6B6EFA:
to=<[EMAIL PROTECTED]>, relay=smtp.gmail.com[66.249.91.109]:25,
delay=3.5, delays=0.28/0.15/3.1/0, dsn=4.7.0, status=deferred (SASL
authentication failed; cannot authenticate to server
smtp.gmail.com[66.249.91.109]: no mechanism available)
Jul 30 14:35:57 mail postfix/qmgr[16187]: warning: connect to
transport post smtp: No such file or directory
Jul 30 14:36:57 mail postfix/qmgr[16187]: warning: connect to
transport post smtp: No such file or directory
Jul 30 14:37:19 mail postfix/master[16181]: terminating on signal 15
Jul 30 14:37:20 mail postfix/master[16869]: daemon started -- version
2.3.8, configuration /etc/postfix
Jul 30 14:37:20 mail postfix/qmgr[16875]: 3752CB6EF9:
from=<[EMAIL PROTECTED]>, size=29106, nrcpt=1 (queue active)
Jul 30 14:37:20 mail postfix/qmgr[16875]: warning: connect to
transport post smtp: No such file or directory
Jul 30 14:38:20 mail postfix/qmgr[16875]: warning: connect to
transport post smtp: No such file or directory
Jul 30 14:38:22 mail postfix/pickup[16870]: 0B1FBB6EFC: uid=1000
from=<[EMAIL PROTECTED]>
Jul 30 14:38:22 mail postfix/cleanup[16915]: 0B1FBB6EFC:
message-id=<[EMAIL PROTECTED]>
Jul 30 14:38:22 mail postfix/qmgr[16875]: 0B1FBB6EFC:
from=<[EMAIL PROTECTED]>, size=2113, nrcpt=1 (queue active)
Jul 30 14:38:26 mail postfix/smtp[16916]: certificate verification
failed for smtp.gmail.com: num=20:unable to get local issuer
certificate
Jul 30 14:38:26 mail postfix/smtp[16916]: certificate verification
failed for smtp.gmail.com: num=27:certificate not trusted
Jul 30 14:38:26 mail postfix/smtp[16916]: certificate verification
failed for smtp.gmail.com: num=21:unable to verify the first
certificate
Jul 30 14:38:26 mail postfix/smtp[16916]: warning: SASL authentication
failure: No worthy mechs found
Jul 30 14:38:26 mail postfix/smtp[16916]: 0B1FBB6EFC:
to=<[EMAIL PROTECTED]>, relay=smtp.gmail.com[66.249.91.109]:25,
delay=5, delays=0.28/0.04/4.6/0, dsn=4.7.0, status=deferred (SASL
authentication failed; cannot authenticate to server
smtp.gmail.com[66.249.91.109]: no mechanism available)
Jul 30 14:39:20 mail postfix/qmgr[16875]: warning: connect to
transport post smtp: No such file or directory
Jul 30 14:40:20 mail postfix/qmgr[16875]: warning: connect to
transport post smtp: No such file or directory
Jul 30 14:42:21 mail last message repeated 2 times
Jul 30 14:44:21 mail last message repeated 2 times
Jul 30 14:46:21 mail last message repeated 2 times
I will appreciate any help thanks !
2008/7/29, Brian Evans - Postfix List <[EMAIL PROTECTED]>:
> gabriele esposito wrote:
>> I run Debian etch and i use smtp.gmail.com as postfix relayhost.
>> I also have a list of senders from different domains allowed to relay
>> smtp traffic on my server .
>> While for local senders in $myorigin i want my postfix to relay smtp
>> with gmail , for users in the list i want my local postfix to not
>> relay and to do it on its own .
>>
>
> Note: I see no evidence of your claim in your postconf -n listing that
> says "have a list of senders from different domains allowed to relay".
>
> To relay only $myorigin, you should remove relayhost and use transport_maps.
>
> Example:
>
> example.com :[gateway.example.com]
> .example.com :[gateway.example.com]
>
> Brian
>
>> this is my postfconf -n:
>>
>> alias_database = hash:/etc/aliases
>> alias_maps = $alias_database
>> append_dot_mydomain = no
>> biff = no
>> body_checks = pcre:/etc/postfix/body_checks.txt
>> broken_sasl_auth_clients = yes
>> command_directory = /usr/sbin
>> config_directory = /etc/postfix
>> daemon_directory = /usr/lib/postfix
>> debug_peer_level = 2
>> delay_warning_time = 4h
>> disable_vrfy_command = yes
>> header_checks = pcre:/etc/postfix/header_checks.txt
>> home_mailbox = Maildir/
>> inet_interfaces = all
>> mail_spool_directory = /var/spool/mail
>> mailbox_command = procmail -a "$EXTENSION"
>> mailbox_size_limit = 0
>> mydestination = $myhostname, $mydomain, www.$mydomain ,ns2.$mydomain
>> ,ns1.$mydomain ,localhost.$mydomain
>> mydomain = gabrix.ath.cx
>> myhostname = mail.gabrix.ath.cx
>> mynetworks = 127.0.0.0/8, 10.0.0.0/8
>> myorigin = $myhostname
>> recipient_delimiter = +
>> relayhost = [smtp.gmail.com]:587
>> show_user_unknown_table_name = no
>> smtp_sasl_auth_enable = yes
>> smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
>> smtp_tls_CAfile = /etc/postfix/ssl/cacert.pem
>> smtp_tls_cert_file = /etc/postfix/ssl/smtpcert.pem
>> smtp_tls_key_file = /etc/postfix/ssl/smtpkey.pem
>> smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
>> smtp_use_tls = yes
>> smtpd_banner = $myhostname ESMTP $mail_name (Open/OS)
>> smtpd_sasl_auth_enable = yes
>> smtpd_sasl_local_domain = $myhostname
>> smtpd_sasl_path = private/auth
>> smtpd_sasl_security_options = noanonymous
>> smtpd_sasl_type = dovecot
>> smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
>> smtpd_tls_auth_only = no
>> smtpd_tls_cert_file = /etc/postfix/ssl/smtpcert.pem
>> smtpd_tls_key_file = /etc/postfix/ssl/smtpkey.pem
>> smtpd_tls_received_header = no
>> smtpd_tls_security_level = may
>> smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
>> smtpd_use_tls = yes
>>
>> I hope i was clear , Thanks !
>>
>
>
--
http://www.gabrix.ath.cx
