On 26.10.2011 02:20, Harald Koch wrote:
On 25/10/2011 5:29 PM, Seth Kneller wrote:
I have postfix and roundcube installed on the same server, postfix
is
setup to use SASL auth and STARTTLS and I can send messages from
remote clients. However I cannot send messages from roundcube on the
localhost.
Can anyone help or point me to where to go next?
FWIW, I have roundcube configured with smtp_server set to
'ssl://localhost' on port 465, instead of using tls://localhost on
port 587. I no longer recall whether that was because STARTTLS didn't
work, or for some other reason...
Well, this config with roundcube here works quite well without any
issues:
Roundcube config:
// ----------------------------------
// SMTP
// ----------------------------------
$rcmail_config['smtp_server'] = 'tls://smtp.domain.xy';
// SMTP port (default is 25; 465 for SSL)
$rcmail_config['smtp_port'] = 587;
// SMTP username (if required) if you use %u as the username Roundcube
// will use the current username for login
$rcmail_config['smtp_user'] = '%u';
// SMTP password (if required) if you use %p as the password Roundcube
// will use the current user's password for login
$rcmail_config['smtp_pass'] = '%p';
// SMTP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use
// best server supported one)
$rcmail_config['smtp_auth_type'] = 'LOGIN';
// Optional SMTP authentication identifier to be used as authorization
proxy
$rcmail_config['smtp_auth_cid'] = NULL;
// Optional SMTP authentication password to be used for smtp_auth_cid
$rcmail_config['smtp_auth_pw'] = NULL;
// SMTP HELO host
// Hostname to give to the remote server for SMTP 'HELO' or 'EHLO'
messages
// Leave this blank and you will get the server variable 'server_name'
or
// localhost if that isn't defined.
$rcmail_config['smtp_helo_host'] = 'roundcube.domain.xy';
// SMTP connection timeout, in seconds. Default: 0 (no limit)
$rcmail_config['smtp_timeout'] = 0;
postconf -n
address_verify_map = btree:${data_directory}/verify
alias_database =
alias_maps = proxy:btree:/etc/aliases
biff = no
bounce_template_file = /etc/postfix/bounce.de-DE.cf
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
default_database_type = btree
delay_warning_time = 24h
disable_vrfy_command = yes
html_directory = /usr/share/doc/postfix/html
inet_protocols = ipv4, ipv6
local_recipient_maps = proxy:unix:passwd.byname $alias_maps
$relocated_maps
message_size_limit = 102400000
mydestination = localhost.$mydomain $myhostname
mydomain = domain.xy
myhostname = smtp.$mydomain
mynetworks = cidr:/etc/postfix/mynetworks_table
mynetworks_style = subnet
myorigin = $mydomain
postscreen_access_list = permit_mynetworks,
cidr:/etc/postfix/postscreen_access.cidr
postscreen_bare_newline_action = drop
postscreen_bare_newline_enable = yes
postscreen_dnsbl_action = enforce
postscreen_dnsbl_sites = zen.spamhaus.org*3
b.barracudacentral.org*2 dnsbl.njabl.org*2
bl.spameatingmonkey.net*2 dnsbl.ahbl.org*2 bl.spamcop.net
swl.spamhaus.org*-4 list.dnswl.org=127.[0..255].[0..255].0*-2
list.dnswl.org=127.[0..255].[0..255].1*-4
list.dnswl.org=127.[0..255].[0..255].[2..255]*-6
postscreen_greet_action = enforce
postscreen_non_smtp_command_action = drop
postscreen_non_smtp_command_enable = yes
postscreen_pipelining_action = drop
postscreen_pipelining_enable = yes
readme_directory = /usr/share/doc/postfix
recipient_delimiter = +
relay_domains = listen.domain.xy
relocated_maps = btree:/etc/postfix/relocated
smtp_tls_CAfile = /etc/postfix/ssl/CA_Root.pem
smtp_tls_cert_file = /etc/postfix/ssl/domainxy_cert.pem
smtp_tls_key_file = /etc/postfix/ssl/domainxy_private.pem
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_client_connection_rate_limit = 25
smtpd_client_message_rate_limit = 100
smtpd_client_recipient_rate_limit = 100
smtpd_data_restrictions = reject_multi_recipient_bounce
smtpd_helo_required = yes
smtpd_recipient_restrictions = check_recipient_access
btree:/etc/postfix/access_recipient-rfc check_client_access
cidr:/etc/postfix/access_client check_helo_access
btree:/etc/postfix/access_helo check_sender_access
btree:/etc/postfix/access_sender check_recipient_access
btree:/etc/postfix/access_recipient reject_non_fqdn_sender
reject_non_fqdn_recipient reject_unknown_sender_domain
reject_unknown_recipient_domain permit_sasl_authenticated
permit_mynetworks check_helo_access
pcre:/etc/postfix/helo_ip_hostname_check
reject_invalid_helo_hostname reject_non_fqdn_helo_hostname
check_sender_access cidr:/etc/postfix/bogus_mx
reject_unverified_recipient reject_unauth_destination
check_policy_service inet:127.0.0.1:12525 permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/ssl/certs/domainxy_cert.pem
smtpd_tls_key_file = /etc/ssl/private/domainxy_private.pem
smtpd_tls_protocols = !SSLv2
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
soft_bounce = no
strict_rfc821_envelopes = yes
transport_maps = proxy:btree:/etc/postfix/transport
unknown_address_reject_code = 550
unknown_client_reject_code = 550
unknown_hostname_reject_code = 550
unverified_recipient_reject_code = 577
unverified_recipient_reject_reason = The recipient-address is not
valid! Maybe wrong syntax?
virtual_alias_maps =
proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_maps.cf
proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_maps.cf
virtual_gid_maps = static:8
virtual_mailbox_base = /var/vmail
virtual_mailbox_domains =
proxy:mysql:/etc/postfix/sql/mysql_virtual_domains_maps.cf
virtual_mailbox_limit =
proxy:mysql:/etc/postfix/sql/mysql_virtual_mailbox_limit_maps.cf
virtual_mailbox_maps =
proxy:mysql:/etc/postfix/sql/mysql_virtual_mailbox_maps.cf
proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_mailbox_maps.cf
proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_catchall_maps.cf
virtual_minimum_uid = 150
virtual_transport = dovecot
virtual_uid_maps = static:150
master.cf submission
submission inet n - - - 60 smtpd
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o smtpd_proxy_filter=127.0.0.1:10030
-o smtpd_proxy_options=speed_adjust
-o content_filter=
-o milter_macro_daemon_name=ORIGINATING
Greetz, Tobias
