New Old Stk wrote: > For some unknown reason my mail client cannot connect to newly built > FreeBSD mail server to send emails - connection refused. Originally I > was intending to build secure connection using SASL2 and TLS/SSL but > like I said I experience difficulties connecting to SMTP server. > 5. I can telnet localhost 25 and openssl localhost:25 during my ssh > session.
This is not enough, see below. > > 6. Here's the output of postconf -n > > > broken_sasl_auth_clients = yes > [snip] > > smtpd_recipient_restrictions = permit_sasl_authenticated > permit_mynetworks reject_unauth_destination > smtpd_sasl_auth_enable = yes > smtpd_sasl_local_domain = $mydomain > smtpd_sasl_security_options = noanonymous > smtpd_tls_CAfile = > /usr/local/openssl/certs/mailexpeditor.com-CAcert.pem > smtpd_tls_auth_only = yes > This means, do not offer AUTH unless TLS is active. So, you *must* test with TLS active using: openssl s_client -starttls smtp -connect localhost:25 If you do not see AUTH after entering "EHLO localhost", then it will never work. Brian > > smtpd_tls_cert_file = > /usr/local/openssl/certs/one.mailexpeditor.com-cert.pem > smtpd_tls_key_file = > /usr/local/openssl/certs/one.mailexpeditor.com-unencrypted-key.pem > smtpd_tls_received_header = yes > smtpd_tls_security_level = may > > > 7. I tried connecting to SMTP with "no authentication" and "no SSL" > set in mail client (as in case with Squirrelmail) but all I get is > email back with "Relay access denied" in *tail -f /var/log/maillog*: > > Jun 30 16:41:41 one postfix/smtpd[23319]: NOQUEUE: reject: RCPT from > host86-165-212-234.range86-165.btcentralplus.com > <http://host86-165-212-234.range86-165.btcentralplus.com>[86.165.212.234]: > 554 5.7.1 <sometestacco...@gmail.com > <mailto:sometestacco...@gmail.com>>: Relay access denied; > from=<myem...@domain1.co.uk <mailto:myem...@domain1.co.uk>> > to=<sometestacco...@gmail.com <mailto:sometestacco...@gmail.com>> > proto=ESMTP helo=<gnrPC> > >
