On Mon, 12 Mar 2012, Larry Stone wrote: > > I haven't seen any followups with the request postconf -n output but: > Um, nobody asked for it; Wietse only said it was preferred over sharing the values individually. -smile- However, I'll take your statement as an implicit request - it's below.
> It's not clear if you're trying to do this on port 25 or port 587 > (submission). I'd be keen to know how I can, if I should, offload port 25; as I indicated I'm using port 25 because I didn't stumble over any other course of action. Please feel free to point me at what I _should_ be doing! -smile- > In any event, you have included permit_sasl_authenticated in > your smtpd_recipient_restrictions, right? Yes, as described in my first post here. > Note that > permit_sasl_authenticated must be ahead of reject_unauth_destination. In smtpd_sender_restrictions, permit_sasl_authenticated immediately follows permit_mynetworks. In smtpd_recipient_restrictions, it's considerably further from being first! (as can be seen below) I'll move it to follow permit_mynetworks and see how it goes! THANKS for the suggestion. > > -- Larry Stone > lston...@stonejongleux.com > Thanks Larry, Richard Output from postconf -n: alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 10 debug_peer_list = 192.168.2.16 disable_vrfy_command = yes html_directory = no inet_interfaces = all inet_protocols = all local_recipient_maps = unix:passwd.byname $alias_maps mail_owner = postfix mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man mydestination = $myhostname , localhost.$mydomain , localhost, <more deleted> mydomain = myDomain.com myhostname = mail.myDomain.com mynetworks = $mydestination , <more deleted> mynetworks_style = subnet newaliases_path = /usr/bin/newaliases.postfix queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.5.6/README_FILES recipient_delimiter = + relay_domains = $mydestination , <more deleted> sample_directory = /usr/share/doc/postfix-2.5.6/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtp_sasl_security_options = noanonymous, noplaintext smtp_sasl_tls_security_options = noanonymous smtpd_delay_reject = yes smtpd_helo_required = yes smtpd_helo_restrictions = permit_mynetworks, check_helo_access hash:/etc/postfix /helo_access, reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_pipelining, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_unauth_destination, permit_sasl_authenticated, check_client_access hash:/etc/postfix/pop-before-smtp, check_sender_access hash:/etc/postfix/sender_access, reject_rbl_client bl.spamcop.net, reject_rbl_client sbl-xbl.spamhaus.org, check_policy_service inet:12 7.0.0.1:10030, permit_mynetworks smtpd_sasl_auth_enable = yes smtpd_sasl_path = private/auth smtpd_sasl_security_options = noanonymous, noplaintext smtpd_sasl_tls_security_options = noanonymous smtpd_sasl_type = dovecot smtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated, reject _non_fqdn_sender, reject_unknown_sender_domain smtpd_tls_cert_file = /etc/pki/dovecot/certs/dovecot.pem smtpd_tls_key_file = /etc/pki/dovecot/private/dovecot.pem smtpd_tls_security_level = maysoft_bounce = no unknown_local_recipient_reject_code = 550
