On Tue, Sep 07, 2010 at 12:53:13PM +0800, Richard Chapman wrote:
> I am running postfix 2.3.3 as part of Centos 5.5.
>
> I am trying to set up a hybrid mail system which involves postfix, dovecot
> and Google Apps.
> Ideally - I would like the email clients to use a authenticated TLS
> connection to postifix (which is working fine) and then postfix to relay
> the mail through smtp.google.com also through a authenticated TLS
> connection using the same credentials as the "Client-Postfix" connection.
You cannot clone and should not attempt to clone authentication credentials
from an incoming Postfix SMTP server session to an outgoing Postfix SMTP
client session.
> AFAIK smtp.google.com requires an authenticated TLS connection.
If you have a Google Apps hosted domain, you use fixed MTA credentials,
(possibly just an IP whitelist) negotiated with Google and send to
alternate servers (not smtp.gmail.com 587). No per-user credentials
required.
Otherwise, Postfix can make use of per-sender stored passwords, as
described in SASL_README and SOHO_README.
http://www.postfix.org/SOHO_README.html#client_sasl_sender
http://www.postfix.org/SASL_README.html#client_sasl_sender
--
Viktor.
