Hello Victor, thanks for your reply to my question.
Am 06.04.2025 um 03:25 schrieb Viktor Dukhovni via Postfix-users: > On Sun, Apr 06, 2025 at 01:18:14AM +0200, Andreas Kuhlen via Postfix-users > wrote: > >> For better readability once more. Sorry for the first post which was a >> bit confusing because of its format! > This variant is not much better, at least not its text/plain variant, > only the HTML is correctly formatted. Please avoid HTML in posts to > this list.. I've only sent it with HTML part because the other format did not work so well. I don't know why Thunderbird sent the other mail like that. Normally I send text/plain messages to this list. Sorry for the exception to that rule. >> I have a question regarding the configuration of postscreen. In my >> current master.cf file I have not allowed SASL authentication for SMTP: >> >> I have a question regarding the configuration of postscreen. In my >> current master.cf file I have not allowed SASL authentication for SMTP: >> smtp inet n - y - - smtpd >> -o smtpd_sasl_auth_enable=no > You should leave essentially unchanged, just replacing "inet" with > "pass". It is still smtpd(8) that might or might not do SASL, the > postscreen(8) service never implements SASL. > >> To activate postscreen in the master.cf file I added the following passage: >> smtp inet n - y - 1 postscreen >> smtpd pass - - y - - smtpd > Add > -o smtpd_sasl_auth_enable=no > > to the "smtpd pass" service. > >> dnsblog unix - - y - 0 dnsblog >> tlsproxy unix - - y - 0 tlsproxy >> I commented out the upper part that prohibits SASL authentication for >> SMTP. > Changing the internal protocol from "inet" to "pass" does not > substantially change the fact that this smtpd(8) instance handles > incoming connections on port 25 after they're briefly inspected by > postscreen(8). > >> Postscreen also works so far, the question remains whether the >> option line that prohibits SMTP authentication can also be set for >> postscreen? > See above. > >> Like this: >> smtp inet n - y - 1 postscreen >> -o smtpd_sasl_auth_enable=no >> smtpd pass - - y - - smtpd >> dnsblog unix - - y - 0 dnsblog >> tlsproxy unix - - y - 0 tlsproxy > No, the option goies "smtpd", just like its name implies. So if I understood you right it should looks like this then in the master.cf file: smtp pass n - y - - smtpd -o smtpd_sasl_auth_enable=no [.....] smtp inet n - y - 1 postscreen smtpd pass - - y - - smtpd -o smtpd_sasl_auth_enable=no dnsblog unix - - y - 0 dnsblog tlsproxy unix - - y - 0 tlsproxy Kind regards, Andreas _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
