Bill Cole:
> What does Postfix show in the Received header if authentication is
> attempted and fails but the sender keeps going and is is not rejected by
> a later restriction?
There is no username unless the user was logged in.
/* RFC 4954 Section 6. */
smtpd_chat_reply(state, "235 2.7.0 Authentication successful");
if ((sasl_username = xsasl_server_get_username(state->sasl_server)) == 0)
msg_panic("cannot look up the authenticated SASL username");
state->sasl_username = mystrdup(sasl_username);
printable(state->sasl_username, '?');
state->sasl_method = mystrdup(sasl_method);
printable(state->sasl_method, '?');
Either this, or an NGINX proxy sent the logged-in username with XCLIENT.
Note that Postfix does not look inside SASL protocol messages. It
has no idea how the protocols work and gets the username from the
Cyrus SASL library or from a Dovecot authentication server.
Wietse
