Rich Wales: > Earlier, I wrote: > > > I'm starting to ponder the idea of setting up a separate service in > > my master.cf file -- similar to the standard "smtp" service, but with > > a few parameters overridden -- and define that separate service as > > my smtp_fallback_relay, and have the separate service use my *real* > > fallback relay as its relay host, and enable sender-dependent > > authentication in the separate service instead of in my standard > > SMTP service. But I realize that would be a messy kludge, and I'd > > prefer not to do it this way except as a last resort. > > That idea doesn't appear to work -- the separate SMTP service considered > the mail passed to it by the main Postfix instance to be unauthenticated > (because it wasn't coming directly from my user agent?) and insisted it > wouldn't act as an open relay. > > I tried the option smtpd_recipient_restrictions= in the separate SMTP > service, but that didn't work -- Postfix demands that this parameter must > contain at least one working instance of reject_unauth_destination, reject, > defer, or defer_if_permit -- i.e., it looks like it simply will not allow > itself to be configured as an open relay, period, even if I'm sure I know > what I'm doing. > > And there doesn't seem to be any way for me to use my web hosting service > (Bluehost) as my fallback without doing sender-dependent authentication; > their tech support's suggestion that I try using my master domain account > cPanel login info as a site-wide, sender-independent authentication did > not work. > > So I appear to be stuck -- I can't avoid the situation (as I described in > my e-mail from last night; see details there) where a random destination > MX is deciding to ask me for authentication, and it understandably doesn't > like my sender-dependent authentication info intended only for my fallback > relay, and I can't selectively give out or withhold my authentication info > because sender-dependent authentication cares *only* about the sender and > apparently can't be told to care about the identity of the destination host. > > Any suggestions would be welcome.
There is a lot of "did not work" without concrete detail: actual configuration, actual error responses. See my response in a recent thread: http://archives.neohapsis.com/archives/postfix/2011-05/0020.html Wietse
