Hi,
I have a fedora14 system configured to use dovecot sasl, and having
some difficulties with smtpd_sender_login_maps. The docs say it's
optional, but without a proper mapping, mail is rejected with "Sender
address rejected: not owned by user alex". Is this configuration
indeed optional? I'd like to exclude this extra step so another level
of authentication isn't necessary.
Perhaps my particular configuration is such that it is required, and
there is another way to use other existing tables to authenticate the
users in the domain?
Below is my postfinger output. Any suggestions greatly appreciated.
Thanks,
Alex
postfinger - postfix configuration on Mon May 9 22:35:58 EDT 2011
version: 1.30
--System Parameters--
mail_version = 2.7.3
hostname = mail.mydomain.net
uname = Linux mail.mydomain.net 2.6.35.12-90.fc14.x86_64 #1 SMP Fri
Apr 22 16:01:29 UTC 2011 x86_64 x86_64 x86_64 GNU/Linux
--Packaging information--
looks like this postfix comes from RPM package: postfix-2.7.3-1.fc14.x86_64
--main.cf non-default parameters--
alias_database = hash:/etc/postfix/aliases
alias_maps = hash:/etc/postfix/aliases
always_bcc = emailcomp
biff = no
delay_warning_time = 4h
disable_vrfy_command = yes
header_checks = pcre:/etc/postfix/header_checks.pcre
mailbox_command = /usr/bin/procmail
mailbox_size_limit = 2000000000
manpage_directory = /usr/share/man
mydestination = $myhostname, localhost.$mydomain, mydomain.net,
mydomain1.com
mynetworks = 127.0.0.0/8, 192.168.1.0/24, 68.XXX.YYY.40/29, 71.XXX.YYY.91/32
readme_directory = /usr/share/doc/postfix-2.7.3/README_FILES
relay_clientcerts = hash:/etc/postfix/relay_clientcerts
relay_domains = $mydestination, $transport_maps, mydomain.net, mydomain1.com
sample_directory = /usr/share/doc/postfix-2.7.3/samples
smtpd_recipient_restrictions = reject_non_fqdn_recipient,
reject_non_fqdn_sender, reject_unlisted_recipient, permit_mynetworks,
reject_sender_login_mismatch, permit_sasl_authenticated,
reject_unauth_destination, reject_unknown_sender_domain,
reject_unknown_recipient_domain, reject_invalid_helo_hostname,
check_client_access hash:/etc/postfix/client_access,
check_sender_access hash:/etc/postfix/sender_checks,
check_recipient_access pcre:/etc/postfix/relay_recips_access,
reject_rbl_client zen.spamhaus.org, permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous, noplaintext
smtpd_sasl_tls_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_login_maps = hash:/etc/postfix/controlled_envelope_senders
smtpd_sender_restrictions = permit_mynetworks,
permit_sasl_authenticated, reject_non_fqdn_sender,
reject_unknown_sender_domain,
reject_unauth_pipelining, reject_sender_login_mismatch, permit
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/pki/dovecot/certs/dovecot.pem
smtpd_tls_key_file = /etc/pki/dovecot/private/dovecot.pem
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_database =
btree:/var/lib/postfix/smtpd_tls_session_cache
smtp_tls_CAfile = /etc/pki/tls/cacert.pem
transport_maps = hash:/etc/postfix/transport
virtual_alias_maps = hash:/etc/postfix/virtual
--master.cf--
smtp inet n - n - - smtpd
pickup fifo n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
tlsmgr unix - - n 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - n - - smtp
relay unix - - n - - smtp
-o smtp_fallback_relay=
showq unix n - n - - showq
error unix - - n - - error
retry unix - - n - - error
discard unix - - n - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
-- end of postfinger output --
