Hello,

I am trying to set up my postfix server so that it sends outgoing emails
having a from address matching *@pobox.com to the server smtp.pobox.com,
using port 587.  As this rule is matching from addresses, and pobox.com is
not the final destination, smtp.pobox.com requires authentication.

I saw several references on the web explaining how to do this, such as:  
https://swientek.me/2013/11/27/postfix-smtp-sender-dependent-authentication/

I did what it said, and I seem to have gotten the server to correctly
recognize which emails need to be routed to pobox.com, and I'm able to get
server to connect to smtp.pobox.com.

But when my server connects it refuses to authenticate, so smtp.pobox.com
responds with "Relay access denied".  (Note debug_peer_list = pobox.com
below.)

Other (non pobox.com) email is working fine in both directions.  I've tried
a bunch of things, but now I am stumped.  If anyone has any thoughts on what
to try and/or if they need more information, please let me know.

Thanks!
-Bob


Relevant files:

/etc/postfix/sender_relay
       @pobox.com      [smtp.pobox.com]:587

/etc/postfix/sasl_passwd
[smtp.pobox.com]                    <UserID>:<Password>
[smtp.pobox.com]:587              <UserID>:<Password>
@pobox.com                           <UserID>:<Password>

*I believe only the first entry is needed,but I added the others to see if I
could get authentication working. Also, obviously the <UserID>:<Password>
combination has data in it that I didn't want to share.

postconf -n gives:

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
allow_percent_hack = no
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 5
debug_peer_list = pobox.com
header_checks = regexp:/etc/postfix/header_checks
home_mailbox = Maildir/
html_directory = no
inet_interfaces = all
inet_protocols = all
mail_owner = postfix
mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
mailbox_size_limit = 0
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
message_size_limit = 20480000
milter_default_action = accept
milter_protocol = 2
mydestination = $myhostname, localhost.$mydomain, server1, server1.bob7.com
myhostname = mail.bob7.com
newaliases_path = /usr/bin/newaliases.postfix
non_smtpd_milters = inet:localhost:8891
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES
sample_directory = /usr/share/doc/postfix-2.6.6/samples
sender_dependent_relayhost_maps = hash:/etc/postfix/sender_relay
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sender_dependent_authentication = yes
smtpd_milters = inet:localhost:8891
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated
reject_unauth_destination check_policy_service
unix:/var/spool/postfix/postgrey/socket
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_security_options = noanonymous
smtpd_tls_CAfile = /etc/postfix/postfix.ca.pem
smtpd_tls_cert_file = /etc/postfix/postfix.cert.pem
smtpd_tls_key_file = /etc/postfix/postfix.key.pem
smtpd_tls_mandatory_ciphers = high
smtpd_tls_security_level = may
unknown_local_recipient_reject_code = 550
virtual_alias_maps = hash:/etc/postfix/virtual




--
View this message in context: 
http://postfix.1071664.n5.nabble.com/Problem-implementing-sender-dependent-relayhost-maps-tp87033.html
Sent from the Postfix Users mailing list archive at Nabble.com.

Reply via email to