Vieri Di Paola:
> Hi,
>
> I'm trying to allow all hosts with IP addr. in permit_mynetworks to
> send e-mails to external domains without authentication. On the other
> hand, I want to allow sasl-authed clients to send emails to external
> domains.
>
> I have this:
>
> # grep sasl /etc/postfix/main.cf
> smtpd_sasl_auth_enable = yes
> smtpd_sasl_security_options = noanonymous
> broken_sasl_auth_clients = yes
> smtpd_sasl_local_domain =
> smtpd_recipient_restrictions = check_recipient_access
> hash:/etc/postfix/to_access, permit_sasl_authenticated,
> permit_mynetworks, reject_unauth_destination,
> reject_unknown_recipient_domain, check_policy_service
> unix:private/policyd-spf
> smtpd_sasl_path = smtpd
> smtpd_sasl_service = saslauthd
> smtpd_sasl_type = cyrus
> smtp_sasl_auth_enable = yes
> smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated
> reject_unauth_destination
>
> Hosts in permit_mynetworks can send e-mails without authenticating.
> However, authenticated users cannot:
>
> AUTH PLAIN ABCDEFG
> 235 2.7.0 Authentication successful
> MAIL FROM: <m...@mydomain.org>
> 250 2.1.0 Ok
> RCPT TO: <y...@otherdomain.com>
> 554 5.7.1 <y...@otherdomain.com>: Relay access denied
>
> What am I doing wrong?
>
> I removed reject_unauth_destination but I'm still getting the same
> rejection message for authenticated users.
>
> Vieri
>
Output from "postconf -n" may reveal that your cut-and-paste is
incorrect.
Wietse
