/etc/postfix/master.cf:
#smtp inet n - y - - smtpd
submission inet n - y - - smtpd
This looks like a submission service, so you would generally require
TLS.
On Sat, Jan 16, 2021 at 11:37:50PM -0700, Gary Aitken wrote:
Yes, I assume that's a hint I need
smtp_use_tls=yes
On 1/17/21 12:30 AM, Viktor Dukhovni wrote:
No, that's the obsolete syntax to enable opportunistic outbound (SMTP
client) TLS, but you need mandatory inbound (SMTP server) TLS.
smtpd_tls_security_level = encrypt
On 18.01.21 17:18, Gary Aitken wrote:
The issue *is* with outbound; I need outbound to 587 and inbound on 587.
are you aware that only mail clients and explicitly configured mail servers
will deliver mail to you on port 587?
You have nothing in your configuration that would direct outbound
traffic to port 587, and it is likely not what you want anyway.
Does "xx.com" really receive inbound email on port 587? If so,
you'd need a transport table entry to send it there, and probably
SASL to authenticate your access to that service.
In this case the destination address does listen on 587.
Why is it not likely what I want?
Because you did not explain that this is a relayhost. Your message said
that you sent outbound mail to just that domain, not that you were using
that domain as a relayhost. Which is it?
That domain and its mx server serves as both a destination and a relay
host if necessary. In this case I would like it to be only a destination,
but at the moment the only way I have been able to get postfix to contact
it on 587 is to have postfix treat it as a relayhost.
I think the issue is I need to specify default_transport as suggested by
Matus; I will try that.
The recipient domain is not listed in mydestination; but shouldn't it be
contacting the MX host of the recipient domain rather than itself?
Now you're really confusing things. If you want delivery to port 587 of
a relayhost (submission service smarthost that figures how where to
route the mail), then the MX records of the recipient domain are
irrelevant. If you want to deliver to the MX host of domain you'd want
to use port 25, which is where domains receive inbound mail.
It seems you're rather confused abou†what you want...
I'm certainly confused about how to accomplish it...
The postfix server is inside the google cloud, and google blocks port 25.
That's why I need it to go out to 587, not 25.
Also, (nearly) no server will allow you to send mail via port 587 without
authentication (to that server).
This is aparently the reason why google blocks you from contacting other
servers on port 25 - you can spam them that way.
simply said, by blocking port 25 your provider prevents you from sending
spam and requires you to use mail service of them or other providers.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
A day without sunshine is like, night.
