Uh.... sorry Rendi! As I said: I was in a hurry, I didn't mean to direct the answer to you! It should go to Peter (I took the wrong name).
Anyway, I don't have the original OP message (I don't know why, I just don't have it), so, I answered with what I have, and based on my experience: with these directives, you can implement a "person-by-person" migration, ie: within "internal network", SMTP auth would be optional, thus allowing you to have a mixed environment (some people with auth, some people without auth). No, this won't generate the message he wants, but allows you to slowly adopt the SMTP authentication, without disrupting current users. About the "bounce" message (which would not be exactly a bounce), I would have to think more about it, but I bet there are ways of doing it.... However, I think it is better that he just send out massive email to his 200k users telling them that they should update their configuration to use SMTP authentication, and that starting X date, unauthenticated mails will be rejected, and repeat the message some times (once a week for a month, for example). That'd be simple to do, and should work. Sincerely, Ildefonso Camargo On Wed, Feb 8, 2012 at 11:29 PM, Reindl Harald <h.rei...@thelounge.net> wrote: > > > Am 09.02.2012 04:49, schrieb Jose Ildefonso Camargo Tolosa: >> Greetings, >> >> Reindi, search through postfix docs for that: >> >> + permit_sasl_authenticated >> + permit_mynetworks (play with the mynetworks definition, so, >> initially you allow all mail from your local network, and when *all* >> of your users moved to new authenticated schema, you just removed >> local network from here) >> >> That one is not so important, but I have found it really useful in my >> environment: >> >> + reject_authenticated_sender_login_mismatch (this is an interesting >> one, that you can later replace with: reject_sender_login_mismatch ... >> now, I use LDAP with all of this). >> >> I am a little in a hurry now, but if you read the docs you may get the idea. >> I hope this helps > > first it was not me having a problem with SMTP Auth > > second all of this doe snot help in the strange wishes of the OP > which are making no sense at all, below quoted again > > please do not read only the subject! > _______________________________________- > > this is what i meant with "making no sense at all" > > "I would like to do it in a non-disruptive way. I was thinking to implement > something like a "bounce" message for each outgoing mail without > authentication. > That message will not stop the delivery of the email, but it will, simply, > inform unauthenticated users about the fact that in a few days they will be > forced to do so. When D-day comes, I would like to return to unauthenticated > users a custom DSN, not the build-in error." > >
