LinuxQuestions.org


mwjones 04-05-2012 05:49 PM

Postfix auth and relay
 
I am trying to get postfix set up on my Debian system such that an authenticated virtual user can send email to any public address on the internet. All the solutions I have found while googling suggest inflexible solutions such as adding 'gmail.com' to mydestination. Could you please point me in the right direction for configuring postfix to auth via the plain or login mechanism (these show with an EHLO currently) and then allow relay of mails to external domains?

At present, such messages are met with a 554:

Code:

554 5.7.1 <property.of.mike.jones@gmail.com>: Recipient address rejected: Access denied

Here are two test cases for my system, example.com:

1:
Connect and auth to example.com
Send mail from mwjones@example.com to property.of.mike.jones@gmail.com
Send successful
Close connection

2:
Connect to example.com
Attempt to send mail from evilscan@spam.cn to support@newegg.com
Get rejected
Close connection

Here is my postconf -n:

Code:

$ sudo postconf -n
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
home_mailbox = .system/
inet_interfaces = all
inet_protocols = ipv4
local_recipient_maps =
mailbox_command =
mailbox_size_limit = 0
mydestination = mail.example.com, localhost.localdomain, localhost
myhostname = example.com
mynetworks = 127.0.0.0/8 1.2.3.4
myorigin = /etc/mailname
recipient_delimiter = +
relayhost = mail.example.com
smtp_tls_note_starttls_offer = yes
smtpd_delay_reject = yes
smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/apache2/ssl/cert-mwjones.com.crt
smtpd_tls_key_file = /etc/apache2/ssl/mwjones.key
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
virtual_gid_maps = static:1030
virtual_mailbox_base = /home/vmail
virtual_mailbox_domains = /etc/postfix/vdomain
virtual_mailbox_maps = hash:/etc/postfix/vmailbox
virtual_minimum_uid = 1030
virtual_uid_maps = static:1030

What do I need to add to main.cf?
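The two test cases above, run through a simplified model of how Postfix walks `smtpd_recipient_restrictions` in order. This is an added example, not part of the original post or of Postfix; the client address 203.0.113.10 and the `extra_local` parameter (standing in for the contents of /etc/postfix/vdomain, which the post does not show) are assumptions, and only the three restrictions listed in the post are modelled.

```python
import ipaddress

# Constructed excerpt of the postconf -n output above; only what this model reads.
POSTCONF = """\
mydestination = mail.example.com, localhost.localdomain, localhost
mynetworks = 127.0.0.0/8 1.2.3.4
smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_auth_enable = yes
"""

def parse_postconf(text):
    """Parse 'name = value' lines; lines without '=' continue the previous value."""
    conf, last = {}, None
    for line in text.splitlines():
        if not line.strip():
            continue
        if last and (line[:1].isspace() or "=" not in line):
            conf[last] += " " + line.strip()
        else:
            name, _, value = line.partition("=")
            last = name.strip()
            conf[last] = value.strip()
    return conf

def split_list(value):
    return value.replace(",", " ").split()

def rcpt_decision(conf, client_ip, authenticated, rcpt, extra_local=()):
    """Walk smtpd_recipient_restrictions in order; the first rule that matches decides."""
    nets = [ipaddress.ip_network(n, strict=False) for n in split_list(conf.get("mynetworks", ""))]
    local = set(split_list(conf.get("mydestination", ""))) | set(extra_local)
    domain = rcpt.rsplit("@", 1)[-1].lower()
    sasl_ok = authenticated and conf.get("smtpd_sasl_auth_enable") == "yes"
    for rule in split_list(conf.get("smtpd_recipient_restrictions", "")):
        if rule == "permit_mynetworks" and any(ipaddress.ip_address(client_ip) in n for n in nets):
            return "permit (permit_mynetworks)"
        if rule == "permit_sasl_authenticated" and sasl_ok:
            return "permit (permit_sasl_authenticated)"
        if rule == "reject_unauth_destination" and domain not in local:
            return "reject (reject_unauth_destination)"
    return "permit (end of list)"

if __name__ == "__main__":
    conf = parse_postconf(POSTCONF)
    client = "203.0.113.10"  # constructed address outside mynetworks
    print(rcpt_decision(conf, client, True, "property.of.mike.jones@gmail.com"))  # test case 1
    print(rcpt_decision(conf, client, False, "support@newegg.com"))               # test case 2
```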

descendant_command 04-05-2012 06:27 PM

Quote:

Originally Posted by mwjones (Post 4645857)
Code:

smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot

What do I need to add to main.cf?

You've set it to use dovecot for auth.
Have you also configured the client auth in the dovecot conf?

Noway2 04-05-2012 06:52 PM

Here is a how-to document that I think is pretty good. I believe it is at least very close to what you want: virtual users, SASL authentication, and Dovecot. Link Here.

Setting up a mail server is not a trivial task and it is likely going to take you several weeks' worth of effort to get it going. Do not give up. Instead, you need to focus on trying to work through the error messages, each of which will give you an important clue as to what is not configured properly, and try to understand what the configuration parameters do (this will take time).

I would suggest enabling the advanced debugging features in both postfix and dovecot. One suggestion to consider is to use postfixadmin to help configure the database for your virtual users. Also remember that there is a SQL Schema that you need to import into your database to configure the tables properly.


All times are GMT -5.