| 1 |
> > > I actually don't have a mynetworks statement in main.cf at all and I |
| 2 |
> > > send from squirrelmail all over the place. |
| 3 |
> > > |
| 4 |
> > > I won't be able to specify a single IP for my laptop. Can I allow |
| 5 |
> > > authenticated users to send? |
| 6 |
> > |
| 7 |
> > You connect to squirrelmail from many different IPs via HTTP, but |
| 8 |
> > squirrelmain only calls SMTP from the localhost IP, 127.0.0.1. So add |
| 9 |
> > the default mynetworks back in if you want Squirrelmail to be able to |
| 10 |
> > send at all. And quit trying out poorly thought out security tricks in |
| 11 |
> > Postfix if you don't know what you're doing. |
| 12 |
> |
| 13 |
> I haven't removed the mynetworks statement. It was never there. |
| 14 |
> Could it be somewhere other than main.cf and master.cf? Maybe |
| 15 |
> 127.0.0.1 is the default. I can send from squirrelmail just fine as |
| 16 |
> always. Admittedly "all over the place" was a bad choice of words. |
| 17 |
> |
| 18 |
> > Once that is fixed you can start looking at why you can't authenticate. |
| 19 |
> > I'm going to guess that you haven't bothered to setup smtp |
| 20 |
> > authentication via sasl yet. |
| 21 |
> |
| 22 |
> I didn't realize I wasn't authenticating. I'm working on sasl now. |
| 23 |
|
| 24 |
Got it! Thanks a lot for everyone's help. I'm running |
| 25 |
courier-imapd-ssl, postfix, and saslauthd. With the following config |
| 26 |
everything should be encrypted between my laptop and the server: |
| 27 |
|
| 28 |
/etc/postfix/main.cf: |
| 29 |
|
| 30 |
[snip] |
| 31 |
smtpd_sasl_auth_enable = yes |
| 32 |
smtpd_sasl2_auth_enable = yes |
| 33 |
smtpd_sasl_security_options = noanonymous |
| 34 |
smtpd_sasl_local_domain = |
| 35 |
smtpd_recipient_restrictions = |
| 36 |
permit_sasl_authenticated, |
| 37 |
permit_mynetworks, |
| 38 |
check_policy_service inet:127.0.0.1:10030 |
| 39 |
reject_unauth_destination, |
| 40 |
permit |
| 41 |
virtual_alias_maps = hash:/etc/postfix/virtual |
| 42 |
message_size_limit = 20480000 |
| 43 |
smtpd_tls_security_level = may |
| 44 |
smtpd_tls_auth_only = yes |
| 45 |
smtpd_tls_key_file = /etc/ssl/postfix/server.key |
| 46 |
smtpd_tls_cert_file = /etc/ssl/postfix/server.crt |
| 47 |
smtpd_tls_CAfile = /etc/ssl/postfix/server.pem |
| 48 |
smtpd_tls_session_cache_timeout = 3600s |
| 49 |
tls_random_source = dev:/dev/urandom |
| 50 |
|
| 51 |
/etc/postfix/master.cf: |
| 52 |
|
| 53 |
smtp inet n - n - - smtpd |
| 54 |
smtps inet n - n - - smtpd |
| 55 |
-o smtpd_tls_wrappermode=yes |
| 56 |
|
| 57 |
/etc/sasl2/smtpd.conf: |
| 58 |
|
| 59 |
mech_list: PLAIN LOGIN |
| 60 |
pwcheck_method:saslauthd |
| 61 |
|
| 62 |
- Grant |
| 63 |
-- |
| 64 |
gentoo-user@l.g.o mailing list |
Archives