On Thu, Jan 30, 2014 at 09:51:30AM -0500, Dennis Putnam wrote:
> relayhost = [smtp.att.yahoo.com]:587
> smtp_tls_policy_maps = hash:/etc/postfix/tls_policy
>
> In case it is needed here is the content of tls_policy:
>
> in.mailjet.com may
> smtp.att.yahoo.com:587 encrypt
It is rather sad that the problem is staring you in the face, and
the required configuration was explicitly communicated upthread:o
http://archives.neohapsis.com/archives/postfix/2013-12/0785.html
Your original message reports problems with delivery to a bellsouth.net
recipient via:
relay=smtp.att.yahoo.com[98.138.31.74]:587
presumably, you've set "relayhost=[smtp.att.yahoo.com]:587" or some
similar setting. Per the Postfix documentation (both TLS_README
and SASL_README). The lookup key for both TLS and SASL policy
should be verbatim next-hop destination, namely:
tls_policy:
# Ideally use "secure" after configuring a suitable CAfile.
[smtp.att.yahoo.com]:587 encrypt
sasl_passwords:
[smtp.att.yahoo.com]:587 user:pass
The "[", "]" around the relay name in the tls policy and sasl password
tables are NOT optional.
--
Viktor.
