schnell-im-netz GmbH - Dominik Sennfelder:
> Hello,
>
> I have an Ubuntu 10.04 Server with postfix installed.
> several of our web servers deliver outgoing mail to this server
> They do this without authentication allowed by the
> mynetworks =
> option.
>
> This works.
> The server is setup to use our mail server as relay host.
> This works with authentication.
>
> However our new Mailserversystem denies relaying for authenticated
> Users because postfix appends "AUTH=<>" at the end of the "FROM MAIL"
> Line.
> The server of course authenticates with one account and sends
> mails for a lot of other domains.
>
> Here is an example.
>
> Sep 1 13:33:42 +0200 16 mail-02 SMTP-IN:000786CD: << MAIL
> FROM:<foo...@foobar.com> SIZE=3055 AUTH=<>
> This is how postfix sends the "MAIL FROM" line.
>
> Sep 1 15:12:30 +0200 16 mail-02 SMTP-IN:00086A89: << MAIL
> FROM:<foo...@foobar.com> SIZE=1127
> This is how an exchange sends it.
>
> This exchange authenticates also with one account and sends for 3 or 4
> other Domains.
> The IP-Addresses of both Servers are allowed to relay Mails for several
> Domains.
> But if I nationally request authentication for them the exchange works
> fine,
> but the postfix does not.
>
> So how do I get rid of the "AUTH=<>" that postfix sends?
This is part of the SASL authentication RFC.
5. The AUTH parameter to the MAIL FROM command
AUTH=addr-spec
Arguments:
An addr-spec containing the identity which submitted the message
to the delivery system, or the two character sequence "<>"
indicating such an identity is unknown or insufficiently
authenticated. To comply with the restrictions imposed on ESMTP
parameters, the addr-spec is encoded inside an xtext. The syntax
of an xtext is described in section 5 of [ESMTP-DSN].
If you don't want this, disable SASL in the Postfix SMTP client:
set "smtp_sasl_auth_enable = no" in main.cf, or configure the
Postfix SMTP client to ignore the AUTH verb in the remote SMTP
server's EHLO response (smtp_discard_ehlo_keyword_address_maps
or smtp_discard_ehlo_keywords).
Wietse
> Thanks in advance for any tips or hints.
>
> Dominik
>
>
>
>
>
>
