Dan Burkland:
> Hello all,
>
> I have been trying to setup my Postfix server as follows:
>
> a) Clients need to use STARTTLS + Authentication in order to send mail using
> my SMTP Server. They can only submit mail on port 587 (25 for submission is
> disallowed).
> b) Port 25 is to be used for MTA-to-MTA communication and should still accept
> mail for all domains that my server is the final destination for.
>
> I have attempted at setting this up however I am unable to send mail to
> external domains. I am now prevented from sending mail through 25 as designed
> and can still however send to myself (or other recipients that are hosted on
> my server). I would appreciate any insight regarding my goal as previously
> described.
>
> Relevant configuration entries:
>
> -------main.cf--------
> smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination
>
> -------master.cf-------
> submission inet n - n - - smtpd
> -o smtpd_enforce_tls=yes
> -o smtpd_sasl_auth_enable=yes
> -o smtpd_sasl_type=dovecot
> -o smtpd_sasl_path=private/auth
> -o smtpd_client_restrictions_permit_sasl_authenticated,reject
You need -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
to get relay permissions.
Wietse
> Any insight is greatly appreciated!
>
> Thanks again,
>
> Dan
>
>
