On 12/07/2011 10:13 PM, Grant wrote:
You've probably got permit_mynetworks near the top of your
smtpd_foo_restrictions, which are inherited by default. The "-o
The only smtpd_foo_restrictions I have in main.cf are:
smtpd_recipient_restrictions =
permit_sasl_authenticated,
permit_mynetworks,
reject_unauth_destination,
permit
You don't really need the permit_sasl_authenticated, since you shouldn't
be trying to auth on port 25. It doesn't hurt, though.
smtpd_client_restrictions" line would have overridden that (if it was a
client restriction) and forced your users to authenticate.
I'm now running submission like this:
submission inet n - n - - smtpd
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
Looks good.
SASL must be working since Thunderbird can send mail over 587,
correct?
Right.
I don't see why local Squirrelmail won't send mail over 587,
but remote Thunderbird will. Squirrelmail also won't send mail over
port 25, but it will send mail over 465.
Do you have a new-enough SquirrelMail? From the looks of it, the only
version >= 1.5.1 is the development snapshot. (Do you know about Roundcube?)
