On 6/15/2012 10:22 AM, Alain Deseine wrote: > And local IP address are defined by the $mynetworks variable. As > mynetworks_style = host, 127.0.0.0/8 is included in $mynetworks.
Correct. > > So when i do la local telnet WITHOUT AUTH postfix accept to relay > mail, and that's ok. Correct. > > But when the open xchange webmail try the same (with an ip adress = > 127.0.0.1) postfix try to authenticate with SASL. NO! The CLIENT tries to authenticate and fails, and the CLIENT disconnects. You need to configure the CLIENT to not attempt authentication OR (better) fix the CLIENT's authentication credentials. It might be helpful to tell postfix to not offer AUTH on localhost, but I'm guessing the client will still disconnect until you configure the client to not attempt AUTH. http://www.postfix.org/postconf.5.html#smtpd_sasl_exceptions_networks At any rate, the best course of action is to require webmail to AUTH even though it's on localhost. Unfortunately, it's not unusual for webmail systems to be compromised -- often through phishing -- and the AUTH logging gives you a little more information about where the breach is. -- Noel Jones
