All I really want is to allow clients on my local subnet to be able to
send mail from within that subnet using only the resources of that
subnet, no relays, just trusted users. The idea would be that even
outside the building, users could send mail through this network by
authenticating as local users. But something has changed somewhere.
Not sure if a version of something changed and a feature was removed
but now postfix tells me this:
Sep 5 10:25:50 shuttle postfix/smtpd[35059]: match_list_match:
erewhon.example.org: no match
Sep 5 10:25:50 shuttle postfix/smtpd[35059]: match_list_match:
192.168.2.9: no match
Sep 5 10:25:50 shuttle postfix/smtpd[35059]: match_list_match:
erewhon.example.org: no match
Sep 5 10:25:50 shuttle postfix/smtpd[35059]: match_list_match:
192.168.2.9: no match
which I don't understand. If I have permitted 192.168.2.0/24 and that
system is on that network (it's a wireless AP running as a gateway)
why is it unmatched?
I have tried to do this the simplest way with dovecot and postfix and
their own SASL mechanisms that they seem to mutually understand. But
after too many hours of reading and trying the various similar
solutions that work for everyone else, I'm at a loss, Which of course
means the error will be something trivial.
--System Parameters--
mail_version = 2.7-20090712
hostname = shuttle.example.org
uname = FreeBSD shuttle.example.org 7.2-RELEASE-p1 FreeBSD 7.2-RELEASE-
p1 #1: Fri Jun 12 22:10:40 PDT 2009 r...@shuttle.example.org:/usr/
obj/usr/src/sys/SHUTTLE i386
--Packaging information--
looks like this postfix comes from BSD package: postfix-
current-2.7.20090712,4
--Mailbox locking methods--
flock fcntl dotlock
--Supported Lookup tables--
btree cidr environ hash pcre proxy regexp static tcp unix
--main.cf non-default parameters--
command_directory = /usr/local/sbin
daemon_directory = /usr/local/libexec/postfix
default_process_limit = 20
disable_vrfy_command = yes
invalid_hostname_reject_code = 554
mailq_path = /usr/local/bin/mailq
maps_rbl_domains = blackholes.mail-abuse.org
multi_recipient_bounce_reject_code = 554
mydestination = $myhostname, localhost.$mydomain, localhost,
$mydomain,downymildew.org
myhostname = mail.example.org
mynetworks = 192.168.2.0/24, 127.0.0.0/8
myorigin = $mydomain
newaliases_path = /usr/local/bin/newaliases
non_fqdn_reject_code = 554
proxy_interfaces = 72.1.134.183
relayhost = [smtp.gmail.com]:submission
sendmail_path = /usr/local/sbin/sendmail
smtp_generic_maps = hash:/usr/local/etc/postfix/generic.map
smtpd_client_restrictions = permit_mynetworks, reject
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, check_helo_access hash:/
usr/local/etc/postfix/helo_access, reject_non_fqdn_hostname,
reject_invalid_hostname, reject_unknown_helo_hostname, permit
smtpd_recipient_restrictions = permit_sasl_authenticated, reject
smtpd_reject_unlisted_sender = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_exceptions_networks = 192.168.2.0/24, 127.0.0.0/8
smtpd_sasl_path = private/auth
smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks
smtpd_tls_CAfile = /usr/local/etc/postfix/ssl/smtpd.pem
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /usr/local/etc/postfix/ssl/smtpd.pem
smtpd_tls_key_file = /usr/local/etc/postfix/ssl/smtpd.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:/var/lib/postfix/
smtp_tls_session_cache
strict_rfc821_envelopes = yes
unknown_address_reject_code = 554
unknown_client_reject_code = 554
unknown_hostname_reject_code = 554
unknown_relay_recipient_reject_code = 554
unknown_virtual_alias_reject_code = 554
unknown_virtual_mailbox_reject_code = 554
unverified_recipient_reject_code = 554
unverified_sender_reject_code = 554
virtual_alias_domains = downymildew.org
virtual_alias_maps = hash:/usr/local/etc/postfix/thistledew.cf
--master.cf--
smtp inet n - n - - smtpd -v
-o content_filter=filter:
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
pickup fifo n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
tlsmgr unix - - n 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - n - - smtp
relay unix - - n - - smtp
-o smtp_fallback_relay=
showq unix n - n - - showq
error unix - - n - - error
retry unix - - n - - error
discard unix - - n - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
policy unix - n n - - spawn
user=nobody argv=/usr/local/sbin/postfix-policyd-spf
filter unix - n n - - pipe
flags=R user=filter argv=/home/filter/postfix-filter.sh -f $
{sender} -- ${recipient}
--Specific file and directory permissions--
drwx-wx--- 2 postfix maildrop 512 Sep 5 22:10 /var/spool/postfix/
maildrop
drwx--x--- 2 postfix maildrop 512 Sep 5 16:07 /var/spool/postfix/
public
total 0
srw-rw-rw- 1 postfix maildrop 0 Sep 5 16:07 cleanup
srw-rw-rw- 1 postfix maildrop 0 Sep 5 16:07 flush
prw--w--w- 1 postfix maildrop 0 Sep 5 16:07 pickup
prw--w--w- 1 postfix maildrop 0 Sep 5 16:07 qmgr
srw-rw-rw- 1 postfix maildrop 0 Sep 5 16:07 showq
drwx------ 2 postfix wheel 512 Sep 5 21:40 /var/spool/postfix/
private
total 0
srw-rw-rw- 1 postfix wheel 0 Sep 5 16:07 anvil
srw-rw---- 1 postfix postfix 0 Sep 5 21:40 auth
srw-rw-rw- 1 postfix wheel 0 Jun 26 2008 bogofilter
srw-rw-rw- 1 postfix wheel 0 Sep 5 16:07 bounce
srw-rw-rw- 1 postfix wheel 0 Jul 21 2007 bsmtp
srw-rw-rw- 1 postfix wheel 0 Jul 21 2007 cyrus
srw-rw-rw- 1 postfix wheel 0 Sep 5 16:07 defer
srw-rw-rw- 1 postfix wheel 0 Sep 5 16:07 discard
srw-rw-rw- 1 postfix wheel 0 Sep 5 16:07 error
srw-rw-rw- 1 postfix wheel 0 Sep 5 16:07 filter
srw-rw-rw- 1 postfix wheel 0 Jul 21 2007 ifmail
srw-rw-rw- 1 postfix wheel 0 Sep 5 16:07 lmtp
srw-rw-rw- 1 postfix wheel 0 Sep 5 16:07 local
srw-rw-rw- 1 postfix wheel 0 Jul 21 2007 maildrop
srw-rw-rw- 1 postfix wheel 0 Jul 21 2007 old-cyrus
srw-rw-rw- 1 postfix wheel 0 Sep 5 16:07 policy
srw-rw-rw- 1 postfix wheel 0 Sep 5 16:07 proxymap
srw-rw-rw- 1 postfix wheel 0 Sep 5 16:07 proxywrite
srw-rw-rw- 1 postfix wheel 0 Sep 5 16:07 relay
srw-rw-rw- 1 postfix wheel 0 Sep 5 16:07 retry
srw-rw-rw- 1 postfix wheel 0 Sep 5 16:07 rewrite
srw-rw-rw- 1 postfix wheel 0 Sep 5 16:07 scache
srw-rw-rw- 1 postfix wheel 0 Sep 5 16:07 smtp
srw-rw-rw- 1 postfix wheel 0 Jun 28 2008 spambayes
srw-rw-rw- 1 postfix wheel 0 Sep 5 16:07 tlsmgr
srw-rw-rw- 1 postfix wheel 0 Sep 5 16:07 trace
srw-rw-rw- 1 postfix wheel 0 Jul 21 2007 uucp
srw-rw-rw- 1 postfix wheel 0 Sep 5 16:07 verify
srw-rw-rw- 1 postfix wheel 0 Sep 5 16:07 virtual
-rwxr-sr-x 1 root maildrop 520706 Sep 3 16:31 /usr/local/sbin/
postdrop
-rwxr-sr-x 1 root maildrop 511103 Sep 3 16:31 /usr/local/sbin/
postqueue
--Library dependencies--
/usr/local/libexec/postfix/smtpd:
/usr/local/libexec/postfix/smtpd:
libpcre.so.0 => /usr/local/lib/libpcre.so.0 (0x33ce4000)
libssl.so.5 => /usr/lib/libssl.so.5 (0x33d1a000)
libcrypto.so.5 => /lib/libcrypto.so.5 (0x33d5b000)
libdb41.so.1 => /usr/local/lib/libdb41.so.1 (0x33eb4000)
libc.so.7 => /lib/libc.so.7 (0x33f91000)
-- end of postfinger output --
--
Paul Beard
contact info: www.paulbeard.org/paulbeard.vcf
Are you trying to win an argument or solve a problem?
