1 |
> > > I actually don't have a mynetworks statement in main.cf at all and I |
2 |
> > > send from squirrelmail all over the place. |
3 |
> > > |
4 |
> > > I won't be able to specify a single IP for my laptop. Can I allow |
5 |
> > > authenticated users to send? |
6 |
> > |
7 |
> > You connect to squirrelmail from many different IPs via HTTP, but |
8 |
> > squirrelmain only calls SMTP from the localhost IP, 127.0.0.1. So add |
9 |
> > the default mynetworks back in if you want Squirrelmail to be able to |
10 |
> > send at all. And quit trying out poorly thought out security tricks in |
11 |
> > Postfix if you don't know what you're doing. |
12 |
> |
13 |
> I haven't removed the mynetworks statement. It was never there. |
14 |
> Could it be somewhere other than main.cf and master.cf? Maybe |
15 |
> 127.0.0.1 is the default. I can send from squirrelmail just fine as |
16 |
> always. Admittedly "all over the place" was a bad choice of words. |
17 |
> |
18 |
> > Once that is fixed you can start looking at why you can't authenticate. |
19 |
> > I'm going to guess that you haven't bothered to setup smtp |
20 |
> > authentication via sasl yet. |
21 |
> |
22 |
> I didn't realize I wasn't authenticating. I'm working on sasl now. |
23 |
|
24 |
Got it! Thanks a lot for everyone's help. I'm running |
25 |
courier-imapd-ssl, postfix, and saslauthd. With the following config |
26 |
everything should be encrypted between my laptop and the server: |
27 |
|
28 |
/etc/postfix/main.cf: |
29 |
|
30 |
[snip] |
31 |
smtpd_sasl_auth_enable = yes |
32 |
smtpd_sasl2_auth_enable = yes |
33 |
smtpd_sasl_security_options = noanonymous |
34 |
smtpd_sasl_local_domain = |
35 |
smtpd_recipient_restrictions = |
36 |
permit_sasl_authenticated, |
37 |
permit_mynetworks, |
38 |
check_policy_service inet:127.0.0.1:10030 |
39 |
reject_unauth_destination, |
40 |
permit |
41 |
virtual_alias_maps = hash:/etc/postfix/virtual |
42 |
message_size_limit = 20480000 |
43 |
smtpd_tls_security_level = may |
44 |
smtpd_tls_auth_only = yes |
45 |
smtpd_tls_key_file = /etc/ssl/postfix/server.key |
46 |
smtpd_tls_cert_file = /etc/ssl/postfix/server.crt |
47 |
smtpd_tls_CAfile = /etc/ssl/postfix/server.pem |
48 |
smtpd_tls_session_cache_timeout = 3600s |
49 |
tls_random_source = dev:/dev/urandom |
50 |
|
51 |
/etc/postfix/master.cf: |
52 |
|
53 |
smtp inet n - n - - smtpd |
54 |
smtps inet n - n - - smtpd |
55 |
-o smtpd_tls_wrappermode=yes |
56 |
|
57 |
/etc/sasl2/smtpd.conf: |
58 |
|
59 |
mech_list: PLAIN LOGIN |
60 |
pwcheck_method:saslauthd |
61 |
|
62 |
- Grant |
63 |
-- |
64 |
gentoo-user@l.g.o mailing list |