Hello
Recently I've been doing modifications to my internal server smtp mail,
so to authenticate e-mails that are sent
The authentication mechanism I used is explained in the postfix site,
very simple:
http://www.postfix.org/SASL_README.html # server_dovecot
All outgoing emails are delivered to a server that acts as mx server and
in turn this same server receives messages and delivers them to the
internal server with the new SASL authentication mechanism.
My problem is the internal server rejects messages coming from the
server mx.
Oct 13 18:11:58 legolas postfix/smtp[26982]: 210081CEAAE:
to=<p...@home.com>, relay=192.168.1.1[192.168.1.1]:25, delay=2.7,
delays=1.6/0/0/1.1, dsn=5.7.1, status=bounced (host
192.168.1.1[192.168.1.1] said: 554 5.7.1 <c39...@gmail.com>: Sender
address rejected: Access denied (in reply to RCPT TO command))
I was wondering if you can implement a white list in postfix, to accept
smtp connections from the IP address of my mx server without any
authentication.
address_verify_map = btree:$queue_directory/verify
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
html_directory = no
inet_interfaces = $myhostname, localhost
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = $myhostname, localhost.$mydomain, localhost,
localhost.localdomain
mynetworks = $config_directory/mynetworks
mynetworks_style = subnet
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
relay_domains = home.com
relay_recipient_maps = hash:$config_directory/recipients
relayhost = [mx.home.com]
sample_directory = /usr/share/doc/postfix-2.3.3/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = ldap:accounts
smtp_sasl_security_options = noanonymous
smtpd_client_connection_count_limit = 5
smtpd_error_sleep_time = 4
smtpd_hard_error_limit = 7
smtpd_helo_required = yes
smtpd_helo_restrictions = reject_invalid_hostname
smtpd_recipient_restrictions = permit_sasl_authenticated,
reject_unauth_destination,reject
smtpd_reject_unlisted_sender = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_restrictions = permit_sasl_authenticated,
check_sender_access hash:/etc/postfix/recipients,
reject_non_fqdn_sender, reject_unknown_sender_domain, reject
smtpd_soft_error_limit = 2
transport_maps = hash:$config_directory/transport
unknown_local_recipient_reject_code = 550
unverified_sender_reject_code = 550
Thanks
Michel
