Am 05. Juli 2015 21:18:03 MESZ, schrieb "@lbutlr" <krem...@kreme.com>: >I have the following setup for submission: > >submission inet n - n - - smtpd > -o smtpd_tls_security_level=encrypt > -o smtpd_sasl_auth_enable=yes > -o smtpd_sasl_type=dovecot > -o smtpd_sasl_security_options=noanonymous > -o smtpd_sasl_path=private/auth > -o smtpd_client_restrictions=permit_sasl_authenticated,reject > -o smtpd_data_restrictions= >-o >smtpd_relay_restrictions=permit_sasl_authenticated,reject_unauth_destination,reject > -o smtpd_helo_restrictions= >-o >smtpd_recipient_restrictions=permit_sasl_authenticated,reject_unauth_destination,reject > -o syslog_name=submit-tls > >I am getting the following error: > >Jul 5 13:09:06 mail postfix/smtpd[91399]: Anonymous TLS connection >established from ***-static.hfc.comcastbusiness.net[1.2.3.444]: TLSv1 >with cipher ECDHE-RSA-AES256-SHA (256/256 bits) >Jul 5 13:09:06 mail postfix/smtpd[91399]: NOQUEUE: reject: RCPT from >***-static.hfc.comcastbusiness.net[1.2.3.444]: 554 5.7.1 ><au...@gmail.com>: Relay access denied; from=<kr...@kreme.com> >to=<au...@gmail.com> proto=ESMTP helo=<[10.0.0.177]> > >Is there anyway to verify in the logs that the connecting device is >using the submission port and not something stupid like port 25?
whoever connects is not connecting to your submission port, you should see "submit-tls" (the -o syslog_name value) instead of the postfix/smtpd you're seeing in the logs... you did restart postfix? regards - c
