relay_recipient_maps + smtp_auth

Tue, 16 Jun 2009 18:36:51 -0700 

OK am looking to configure a relay server that will relay to any destination 
if smtp auth used or IP is defined in mynetworks BUT other than that will 
only relay mail for certain domains/users ...

So have configured dovecot to be used to auth and IPs allowed to relay in a 
hash db /etc/postfix/networks_external.db ... the problem I see is that even 
though my smptd_recipient_restrictions are configured as

permit_mynetworks
permit_sasl_authenticated
reject_unauth_destination        
check_recipient_access hash:/etc/postfix/rfc_addr        
reject

and I successfully auth OR send from an IP in mynetworks I still get 

"Recipient address rejected: User unkown in relay recipient table"

when  trying to send to a recipient not in relay_recipient_maps ....

So do I need to check_recipient_access within the smtpd_recipient_restrictions 
instead of using relay_recipient_maps ? Does not the permits override the 
relay_recipient_maps  check ? 


postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
html_directory = no
inet_interfaces = $myhostname, localhost
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
message_size_limit = 20000000
mydestination = $myhostname
mynetworks = /etc/postfix/networks_internal, 
hash:/etc/postfix/networks_external
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
recipient_delimiter = -        
relay_domains = hash:/etc/postfix/relay_domains
relay_recipient_maps = hash:/etc/postfix/relay_recipients
sample_directory = /usr/share/doc/postfix-2.3.3/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_data_restrictions = reject_unauth_pipelining,        permit
smtpd_helo_required = yes
smtpd_recipient_restrictions = permit_mynetworks        
permit_sasl_authenticated        reject_unauth_destination        
check_recipient_access hash:/etc/postfix/rfc_addr        reject
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_tls_auth_only = no
smtpd_tls_cert_file = /etc/pki/tls/certs/ssmtpd.pem
smtpd_tls_key_file = $smtpd_tls_cert_file
smtpd_tls_loglevel = 2
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_scache
smtpd_tls_session_cache_timeout = 3600s
transport_maps = hash:/etc/postfix/transport_map
unknown_local_recipient_reject_code = 550
verp_delimiter_filter = -=+

Reply via email to