Hi Well, thanks to advise me about the diference. But how I can change it?
I understand taht all my rules are misspelled and I need to correct all of this with smtp_ ? Thanks for your time and patience :-) El 07/02/13 23:03, Viktor Dukhovni escribió: > On Thu, Feb 07, 2013 at 09:34:00PM +0100, deconya wrote: > >>>> smtp_sasl_auth_enable = no >>> You've disabled SASL. >> In main.cf appears >> >> smtpd_sasl_auth_enable = yes, why can appear no? > You're not paying attention: > > "smtpd" != "smtp" > >>>> smtp_sasl_password_maps = hash:/etc/postfix/relay_passwd >>> In this table the lookup key should be the verbatim setting of >>> relayhost: >>> >>> [smtp.puc.rediris.es] user:pass >>> >>>> smtp_sasl_security_options = noplaintext, noanonymous >>>> smtp_sasl_tls_security_options = $smtp_sasl_security_options >>>> smtp_sasl_tls_verified_security_options = >> Other strange rule, I have >> >> smtpd_sasl_security_options = noanonymous > You're still not paying attention: > > "smtpd" != "smtp" > >>>> smtp_tls_CAfile = >>>> smtp_tls_CApath = >>> How do you expect to verify the peer certificate? And without >>> verification, how do you expect to authenticate? >> This rules are misspelled? I have this in main.cf >> >> smtpd_tls_key_file = /etc/ssl/private/server_key.pem >> smtpd_tls_cert_file = /etc/ssl/server.crt >> smtpd_tls_CAfile = /etc/ssl/TERENASSL_PATH.pem > That attention thing is a real problem... > >>>> smtp_tls_enforce_peername = yes >>>> smtp_use_tls = no >>>> smtp_tls_security_level = >>> The first two settings are obsolete. Set "smtp_tls_security_level = secure" >>> or at least "may" (and then enforce TLS for the relay via the policy table). >>> >>>> smtp_tls_loglevel = 0 >> I have >> >> smtpd_tls_loglevel = 2 > Broken record... >
