On 11/18/2013 10:36 AM, Dominique wrote: > Hi, > > I am trying to migrate from cyrus - (Ubuntu 12.04 LTS Server, Mysql > Postfix, cyrus, webcyradmin, saslauth) to dovecot - (Ubuntu 12.04 LTS > Server, Mysql Postfix, Dovecot, Postfixadmin, saslauth) > It all works fine with postfix/cyrus. > However under postfix/dovecot, I have a problem with my relayhost setup. > I got the following message in mail.log: > > Nov 18 17:10:15 mail postfix/smtp[20654]: 2937521D41: > to=<x...@gmail.com>, relay=smtp.isp.es[1.1.1.1]:25, delay=1.1, > delays=0.09/0/0.87/0.18, dsn=5.0.0, status=bounced (host > smtp.isp.es[1.1.1.1] said: 522 Authenticate first (in reply to MAIL FROM > command))
Did you read: http://www.postfix.org/SASL_README.html#client_sasl "At this time, the Dovecot SASL implementation does not provide client functionality." -- Noel Jones > > I understand that I need to authenticate first for the relayhost to kick > in, and I thought I had it. (Applied the same logic from the cyrus > setup), but it seems I missed something. > > Can someone give me a hint ? > > main.cf > > append_dot_mydomain = no > biff = no > broken_sasl_auth_clients = yes > config_directory = /etc/postfix > content_filter = amavis:[127.0.0.1]:10024 > delay_warning_time = 4h > disable_vrfy_command = yes > dovecot_destination_recipient_limit = 1 > enable_original_recipient = no > header_checks = regexp:/etc/postfix/header_checks > inet_interfaces = all > local_recipient_maps = > mailbox_size_limit = 0 > maximal_backoff_time = 8000s > maximal_queue_lifetime = 7d > minimal_backoff_time = 1000s > mydestination = > myhostname = mail.solipym.com > mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128,192.168.1.0/24 > mynetworks_style = host > myorigin = /etc/mailname > readme_directory = no > recipient_delimiter = + > relayhost = smtp.isp.es > smtp_enforce_tls = no > smtp_helo_timeout = 60s > smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd > smtp_tls_note_starttls_offer = yes > smtp_tls_security_level = may > smtp_use_tls = yes > smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) > smtpd_client_restrictions = permit_mynetworks, reject_rbl_client > sbl.spamhaus.org, reject_rbl_client blackholes.easynet.nl > smtpd_data_restrictions = reject_unauth_pipelining > smtpd_delay_reject = yes > smtpd_enforce_tls = no > smtpd_hard_error_limit = 12 > smtpd_helo_required = yes > smtpd_helo_restrictions = permit_mynetworks, warn_if_reject > reject_non_fqdn_hostname, reject_invalid_hostname, permit > smtpd_recipient_limit = 16 > smtpd_recipient_restrictions = permit_sasl_authenticated, > permit_mynetworks, reject_unauth_destination, reject_invalid_hostname, > reject_non_fqdn_hostname, reject_non_fqdn_sender, > reject_non_fqdn_recipient, reject_unknown_sender_domain, > reject_unknown_recipient_domain, reject_unauth_pipelining, > reject_rbl_client bl.spamcop.net, reject_rbl_client zen.spamhaus.org, > reject_rbl_client blackholes.easynet.nl, reject_rbl_client > dul.dnsbl.sorbs.net, check_policy_service inet:127.0.0.1:10023, permit > smtpd_sasl_auth_enable = yes > smtpd_sasl_authenticated_header = yes > smtpd_sasl_local_domain = > smtpd_sasl_path = private/auth > smtpd_sasl_security_options = noanonymous > smtpd_sasl_type = dovecot > smtpd_sender_restrictions = permit_mynetworks, warn_if_reject > reject_non_fqdn_sender, reject_unknown_sender_domain, > reject_unauth_pipelining, permit > smtpd_soft_error_limit = 3 > smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem > smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key > smtpd_tls_loglevel = 1 > smtpd_tls_received_header = yes > smtpd_tls_security_level = may > smtpd_tls_session_cache_timeout = 3600s > smtpd_use_tls = yes > tls_random_source = dev:/dev/urandom > unknown_local_recipient_reject_code = 450 > virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf, > mysql:/etc/postfix/mysql_virtual_alias_domainaliases_maps.cf > virtual_gid_maps = static:8 > virtual_mailbox_base = /var/vmail > virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf > virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf, > mysql:/etc/postfix/mysql_virtual_mailbox_domainaliases_maps.cf > virtual_transport = dovecot > virtual_uid_maps = static:150 > > master.cf > > # > # Postfix master process configuration file. For details on the format > # of the file, see the master(5) manual page (command: "man 5 master"). > # > # Do not forget to execute "postfix reload" after editing this file. > # > # ========================================================================== > # service type private unpriv chroot wakeup maxproc command + args > # (yes) (yes) (yes) (never) (100) > # ========================================================================== > > # SMTP on port 25, unencrypted. > smtp inet n - - - - smtpd > -o syslog_name=postfix/smtp > -o smtpd_tls_wrappermode=yes > -o smtpd_sasl_auth_enable=yes > -o smtpd_tls_auth_only=yes > -o > smtpd_client_restrictions=permit_sasl_authenticated,reject_unauth_destination,reject > -o smtpd_sasl_security_options=noanonymous,noplaintext > -o smtpd_sasl_tls_security_options=noanonymous > #smtp inet n - - - 1 postscreen > #smtpd pass - - - - - smtpd > #dnsblog unix - - - - 0 dnsblog > #tlsproxy unix - - - - 0 tlsproxy > > # SMTP over SSL on port 465. > smtps inet n - - - - smtpd > -o syslog_name=postfix/smtps > -o smtpd_tls_wrappermode=yes > -o smtpd_sasl_auth_enable=yes > -o smtpd_tls_auth_only=yes > -o > smtpd_client_restrictions=permit_sasl_authenticated,reject_unauth_destination,reject > -o smtpd_sasl_security_options=noanonymous,noplaintext > -o smtpd_sasl_tls_security_options=noanonymous > # -o smtpd_client_restrictions=permit_sasl_authenticated,reject > # -o milter_macro_daemon_name=ORIGINATING > > submission inet n - n - - smtpd > > #628 inet n - - - - qmqpd > pickup fifo n - - 60 1 pickup > cleanup unix n - - - 0 cleanup > qmgr fifo n - n 300 1 qmgr > #qmgr fifo n - n 300 1 oqmgr > tlsmgr unix - - - 1000? 1 tlsmgr > rewrite unix - - - - - trivial-rewrite > bounce unix - - - - 0 bounce > defer unix - - - - 0 bounce > trace unix - - - - 0 bounce > verify unix - - - - 1 verify > flush unix n - - 1000? 0 flush > proxymap unix - - n - - proxymap > proxywrite unix - - n - 1 proxymap > smtp unix - - - - - smtp > relay unix - - - - - smtp > # -o smtp_helo_timeout=5 -o smtp_connect_timeout=5 > showq unix n - - - - showq > error unix - - - - - error > retry unix - - - - - error > discard unix - - - - - discard > local unix - n n - - local > virtual unix - n n - - virtual > lmtp unix - - - - - lmtp > anvil unix - - - - 1 anvil > scache unix - - - - 1 scache > # > # ==================================================================== > # Interfaces to non-Postfix software. Be sure to examine the manual > # pages of the non-Postfix software to find out what options it wants. > # > # Many of the following services use the Postfix pipe(8) delivery > # agent. See the pipe(8) man page for information about ${recipient} > # and other message envelope options. > # ==================================================================== > # > # maildrop. See the Postfix MAILDROP_README file for details. > # Also specify in main.cf: maildrop_destination_recipient_limit=1 > # > maildrop unix - n n - - pipe > flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient} > # > # ==================================================================== > # > # Recent Cyrus versions can use the existing "lmtp" master.cf entry. > # > # Specify in cyrus.conf: > # lmtp cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4 > # > # Specify in main.cf one or more of the following: > # mailbox_transport = lmtp:inet:localhost > # virtual_transport = lmtp:inet:localhost > # > # ==================================================================== > # > # Cyrus 2.1.5 (Amos Gouaux) > # Also specify in main.cf: cyrus_destination_recipient_limit=1 > # > #cyrus unix - n n - - pipe > # user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} > ${user} > # > # ==================================================================== > # Old example of delivery via Cyrus. > # > #old-cyrus unix - n n - - pipe > # flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user} > # > # ==================================================================== > # > # See the Postfix UUCP_README file for configuration details. > # > uucp unix - n n - - pipe > flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail > ($recipient) > # > # Other external delivery methods. > # > ifmail unix - n n - - pipe > flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) > bsmtp unix - n n - - pipe > flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender > $recipient > scalemail-backend unix - n n - 2 pipe > flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store > ${nexthop} ${user} ${extension} > mailman unix - n n - - pipe > flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py > ${nexthop} ${user} > > # The next two entries integrate with Amavis for anti-virus/spam checks. > amavis unix - - - - 3 smtp > -o smtp_data_done_timeout=1200 > -o smtp_send_xforward_command=yes > -o disable_dns_lookups=yes > -o max_use=20 > 127.0.0.1:10025 inet n - - - - smtpd > -o content_filter= > -o local_recipient_maps= > -o relay_recipient_maps= > -o smtpd_restriction_classes= > -o smtpd_delay_reject=no > -o smtpd_client_restrictions=permit_mynetworks,reject > -o smtpd_helo_restrictions= > -o smtpd_sender_restrictions= > -o smtpd_recipient_restrictions=permit_mynetworks,reject > -o smtpd_data_restrictions=reject_unauth_pipelining > -o smtpd_end_of_data_restrictions= > -o mynetworks=127.0.0.0/8 > -o smtpd_error_sleep_time=0 > -o smtpd_soft_error_limit=1001 > -o smtpd_hard_error_limit=1000 > -o smtpd_client_connection_count_limit=0 > -o smtpd_client_connection_rate_limit=0 > -o > receive_override_options=no_header_body_checks,no_unknown_recipient_checks > > # Integration with Dovecot - hand mail over to it for local delivery, and > # run the process under the vmail user and mail group. > dovecot unix - n n - - pipe > flags=DRhu user=vmail:mail argv=/usr/lib/dovecot/dovecot-lda -d > $(recipient) > > > > --- > This email is free from viruses and malware because avast! Antivirus > protection is active. > http://www.avast.com >
