Hello, On Tue, 04 Feb 2014 21:40:38 +0100 "li...@rhsoft.net" <li...@rhsoft.net> wrote:
> how should it if you happily reject anything and not use > "permit_sasl_authenticated" anywhere? authentication itself > means nothing without configuration for it Yes that's correct i have nothing stand, because when i read on dovecot the sasl wiki page i has think this job run with submission. http://wiki2.dovecot.org/HowTo/PostfixAndDovecotSASL submission inet n - n - - smtpd -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_sasl_type=dovecot -o smtpd_sasl_path=private/auth -o smtpd_recipient_restrictions=reject_unknown_recipient_domain, reject_non_fqdn_recipient, permit_sasl_authenticated, reject The actuall config now: ks3374456 dovecot # postconf -n alias_maps = hash:/etc/aliases append_dot_mydomain = no biff = no broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix disable_vrfy_command = yes home_mailbox = Maildir/ html_directory = no inet_protocols = ipv4 mail_owner = postfix mailbox_size_limit = 0 mailq_path = /usr/bin/mailq manpage_directory = /usr/share/man masquerade_classes = envelope_sender, header_sender, header_recipient masquerade_domains = masquerade_exceptions = root master_service_disable = message_size_limit = 20480000 minimal_backoff_time = 300s mydestination = $myhostname, localhost.$mydomain myhostname = ks3374456.kimsufi.com mynetworks_style = subnet newaliases_path = /usr/bin/newaliases non_smtpd_milters = unix:/run/opendkim/opendkim.sock policyd-spf_time_limit = 3600 queue_directory = /var/spool/postfix queue_run_delay = 300s readme_directory = no sample_directory = /etc/postfix sendmail_path = /usr/sbin/sendmail setgid_group = postdrop smtp_tls_loglevel = 1 smtp_tls_security_level = may smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_scache smtpd_banner = $myhostname ESMTP smtpd_client_restrictions = reject_unknown_client_hostname smtpd_helo_required = yes smtpd_helo_restrictions = reject_invalid_helo_hostname, reject_unknown_helo_hostname, reject_non_fqdn_helo_hostname smtpd_milters = unix:/run/opendkim/opendkim.sock smtpd_recipient_restrictions = reject_unknown_recipient_domain, reject_non_fqdn_recipient, reject_unverified_recipient, permit_mynetworks, reject_unauth_destination, check_policy_service unix:private/policyd-spf, check_policy_service unix:private/postgrey, permit smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_path = private/auth smtpd_sasl_type = dovecot smtpd_sender_restrictions = reject_unknown_sender_domain smtpd_tls_ask_ccert = yes smtpd_tls_cert_file = /etc/postfix/key/postfix.pem smtpd_tls_key_file = /etc/postfix/key/postfix.key smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_tls_security_level = may smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_scache strict_rfc821_envelopes = yes unknown_address_reject_code = 554 unknown_client_reject_code = 554 unknown_hostname_reject_code = 554 unknown_local_recipient_reject_code = 550 virtual_gid_maps = static:5000 virtual_mailbox_base = /var/vmail virtual_mailbox_domains = /etc/postfix/vhost virtual_mailbox_maps = hash:/etc/postfix/vmaps virtual_minimum_uid = 100 virtual_transport = lmtp:unix:private/dovecot-lmtp virtual_uid_maps = static:5000 But the result is same. Feb 5 01:26:01 ks3374456 postfix/smtpd[27833]: connect from unknown[46.115.115.247] Feb 5 01:26:02 ks3374456 postfix/smtpd[27833]: Anonymous TLS connection established from unknown[46.115.115.247]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits) Feb 5 01:26:04 ks3374456 postfix/smtpd[27833]: NOQUEUE: reject: RCPT from unknown[46.115.115.247]: 554 5.7.1 Client host rejected: cannot find your hostname, [46.115.115.247]; from=<webmas...@silviosiefke.com> to=<siefkesil...@gmail.com> proto=ESMTP helo=<gentoomobile> Feb 5 01:26:12 ks3374456 postfix/smtpd[27833]: lost connection after RCPT from unknown[46.115.115.247] Feb 5 01:26:12 ks3374456 postfix/smtpd[27833]: disconnect from unknown[46.115.115.247] Thank you for help & Nice Day Silvio
