Mark Goodge wrote:
OK, having successfully got SASL authentication working via Dovecot (as
per Wietse's helpful comments on my previous post), I now have another
query which I can't seem to find the answer to either by reading the
Postfix documentation or Googling.
What I want to do is configure Postfix so that authentication is
required on port 587 (submission port), but not available on port 25
(ie, users on port 25 cannot authenticate).
in the submission service (in master.cf), use something like:
submission ... ... smtpd
...
-o smtpd_sasl_auth_enable=${submission_sasl_auth_enable}
and in main.cf
submission_sasl_auth_enable = yes
(don't enable smtpd_sasl_auth_enable as this one applies to any smtpd
listener).
Can someone either let me know what I need to change to accomplish this,
or, alternatively, point me in the direction of whatever documentation
I've overlooked?
In case anyone is wondering, the reason for doing it this way is because
many of our users have mail clients which are set (either by default or
through unthinking user changes) to use authentication where available,
but otherwise send unauthenticated (Thunderbird is one such client which
switches on authentication by default). So enabling authentication on
port 25 means that we're now getting lots of calls from users who are
suddenly unable to send mail, as their mail client is trying to
authenticate where previously it wasn't trying to.
Thanks in advance for any help with this.
Mark
