Greetings,

What are you using for SASL authentication? In my case, I'm using
dovecot, which in turn uses pam, which in turn uses LDAP.  And then
I use:

smtpd_sender_login_maps = ldap:/etc/postfix/sender_login.cf

and

permit_sasl_authenticated on smtpd_recipient_restrictions

and

reject_sender_login_mismatch on smtpd_sender_restrictions.

For SASL:

smtpd_sasl_auth_enable = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth


Of course, my postfix *does* support ldap.  I'm using Debian Lenny.
If you are configuring a server, you should really try Debian or
Ubuntu Server; your life will be much simpler.

I hope this helps,

Ildefonso Camargo

On Wed, Jun 16, 2010 at 10:26 AM, Andrew G. Grant
<andrew.gr...@caddock.com> wrote:
> Charles,
>
> Just for clarification, and remember, I am very new at all of this.
>
> Postfix is requiring SASL Authentication.  I have not listed any user names
> or passwords anywhere except in Apple Open Directory as User "Short Names"
> for use with login to network resources.
>
> Postfix seems to reference these user "Short Names" in OD and the user's
> password, also from within OD, when performing SASL Authentication.
>
> These same user "Short Names" are also seen as valid Email addresses
> at my domain when receiving email.
>
> This information is not listed anywhere else in my configuration. For that
> reason, I am asking if Postfix can't also see the User "Short Names" as
> Email addresses when performing "reject_sender_login_mismatch" under
> "smtpd_sender_restrictions".
>
> My whole goal is to avoid creating and updating another separate list of
> Email Addresses and User Names for "smtpd_sender_login_maps".
>
>
> On Jun 16, 2010, at 3:49 AM, Charles Marcus wrote:
>
> On 2010-06-15 6:29 PM, Andrew G. Grant wrote:
>> Can anyone answer the question about how SASL is able to
>> authenticate Users with their Passwords stored in Open Directory, but
>> not pull their Email addresses?
>
> What do you mean by 'pull their email addresses'?
>
> If you mean that you have assigned multiple email addresses for each
> user in some attribute in OD, and you want 'sender_login_mismatch' to
> only allow the user to send if they are sending from one of these
> multiple email addresses, I'm not sure how you would do that, but I'm
> trying to more precisely define what it is you are trying to do...
>
> --
>
> Best regards,
>
> Charles
>
>
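
An added example, not part of the original messages and not taken from anyone's actual configuration: one possible shape for the LDAP lookup table that smtpd_sender_login_maps points at, so that reject_sender_login_mismatch can resolve sender addresses from the directory instead of a separately maintained list. The server name, search base, bind mode and the attribute names "mail" and "uid" are assumptions.

```ini
# /etc/postfix/sender_login.cf
# (file name from the message above; every value below is an assumed placeholder)
#
# Lookup key : the envelope sender address (MAIL FROM)
# Result     : the SASL login name(s) that own that address
# reject_sender_login_mismatch rejects the mail when the authenticated
# login is not among the results.

# Assumed directory location; replace with your own.
server_host = ldap://ldap.example.com
version = 3
search_base = ou=people,dc=example,dc=com
scope = sub

# Anonymous bind is assumed. If the directory requires authentication,
# set bind = yes with bind_dn and bind_pw, and make this file readable
# by root only, because bind_pw is stored in clear text.
bind = no

# %s expands to the full sender address. An entry that lists several
# values in its mail attribute owns all of those addresses.
query_filter = (mail=%s)

# The attribute that holds the name the user authenticates with.
result_attribute = uid

# Alternative for a directory where the login name is also the local
# part of the address (user "jdoe" sends as jdoe@example.com):
# restrict lookups to the local domain and match on the local part (%u).
#
# domain = example.com
# query_filter = (uid=%u)
```

Running `postmap -q someuser@example.com ldap:/etc/postfix/sender_login.cf` should print the owning login name; an empty result means Postfix finds no owner for that address.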
