1 |
Hi! |
2 |
|
3 |
I changed the restrictions line like you said: |
4 |
smtpd_recipient_restrictions = |
5 |
permit_mynetworks, |
6 |
permit_sasl_authenticated, |
7 |
reject_unauth_destination |
8 |
|
9 |
but this way it will try to see if the ip is part of mynetworks first, and |
10 |
as it wont be it will reject or ... because my squirremail morks and I |
11 |
think it does not use the authentification but rather the mynetworks. |
12 |
Well.. :) |
13 |
|
14 |
here is postconf | grep smtpd_sasl |
15 |
smtpd_sasl_auth_enable = yes |
16 |
smtpd_sasl_authenticated_header = no |
17 |
smtpd_sasl_exceptions_networks = |
18 |
smtpd_sasl_local_domain = |
19 |
smtpd_sasl_path = smtp |
20 |
smtpd_sasl_security_options = noanonymous |
21 |
smtpd_sasl_tls_security_options = $smtpd_sasl_security_options |
22 |
smtpd_sasl_type = cyrus |
23 |
|
24 |
|
25 |
I also now have all the authentification methods in the telnet EHLO |
26 |
response. Which should not be |
27 |
telnet localhost 587 |
28 |
Trying 127.0.0.1... |
29 |
Connected to localhost. |
30 |
Escape character is '^]'. |
31 |
220 ks359684.kimsufi.com ESMTP Postfix |
32 |
EHLO localhost |
33 |
250-ks359684.kimsufi.com |
34 |
250-PIPELINING |
35 |
250-SIZE 10240000 |
36 |
250-VRFY |
37 |
250-ETRN |
38 |
250-STARTTLS |
39 |
250-AUTH NTLM LOGIN PLAIN DIGEST-MD5 CRAM-MD5 |
40 |
250-AUTH=NTLM LOGIN PLAIN DIGEST-MD5 CRAM-MD5 |
41 |
250-ENHANCEDSTATUSCODES |
42 |
250-8BITMIME |
43 |
250 DSN |
44 |
STARTTLS |
45 |
220 2.0.0 Ready to start TLS |
46 |
|
47 |
Which I don't understand how because the /etc/sasl2/smtpd.conf is sayin: |
48 |
mech_list: PLAIN LOGIN |
49 |
pwcheck_method: saslauthd |
50 |
|
51 |
I will continue to look now, need to clean somethin somewhere. |
52 |
Thank you for the help ;) |
53 |
|
54 |
Laurent |