LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 04-05-2012, 05:49 PM   #1
mwjones
LQ Newbie
 
Registered: Mar 2010
Posts: 22

Rep: Reputation: 0
Question Postfix auth and relay


I am trying to get postfix set up on my Debian system such that an authenticated virtual user can send email to any public address on the internet. All the solutions I have found while googling suggest inflexible solutions such as adding 'gmail.com' to mydestination. Could you please point me in the right direction for configuring postfix to auth via the plain or login mechanism (these show with an EHLO currently) and then allow relay of mails to external domains?

At present, such messages are met with a 554:

Code:
554 5.7.1 <property.of.mike.jones@gmail.com>: Recipient address rejected: Access denied
Here are two test cases for my system, example.com:

1:
Connect and auth to example.com
Send mail from mwjones@example.com to property.of.mike.jones@gmail.com
Send successful
Close connection

2:
Connect to example.com
Attempt to send mail from evilscan@spam.cn to support@newegg.com
Get rejected
Close connection

Here is my postconf -n:

Code:
$ sudo postconf -n
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
home_mailbox = .system/
inet_interfaces = all
inet_protocols = ipv4
local_recipient_maps =
mailbox_command =
mailbox_size_limit = 0
mydestination = mail.example.com, localhost.localdomain, localhost
myhostname = example.com
mynetworks = 127.0.0.0/8 1.2.3.4
myorigin = /etc/mailname
recipient_delimiter = +
relayhost = mail.example.com
smtp_tls_note_starttls_offer = yes
smtpd_delay_reject = yes
smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/apache2/ssl/cert-mwjones.com.crt
smtpd_tls_key_file = /etc/apache2/ssl/mwjones.key
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
virtual_gid_maps = static:1030
virtual_mailbox_base = /home/vmail
virtual_mailbox_domains = /etc/postfix/vdomain
virtual_mailbox_maps = hash:/etc/postfix/vmailbox
virtual_minimum_uid = 1030
virtual_uid_maps = static:1030
What do I need to add to main.cf?
 
Old 04-05-2012, 06:27 PM   #2
descendant_command
Member
 
Registered: Mar 2012
Posts: 807

Rep: Reputation: 182Reputation: 182
Quote:
Originally Posted by mwjones View Post
Code:
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
What do I need to add to main.cf?
You've set it to use dovecot for auth.
Have you also configured the client auth in the dovecot conf?
 
Old 04-05-2012, 06:52 PM   #3
Noway2
Senior Member
 
Registered: Jul 2007
Distribution: Ubuntu 10.10, Slackware 64-current
Posts: 2,124

Rep: Reputation: 776Reputation: 776Reputation: 776Reputation: 776Reputation: 776Reputation: 776Reputation: 776
Here is a how to document that I think is pretty good. I believe it is at least very close to what you want, virtual users, SASL authentication, and Dovecot. Link Here.

Setting up a mail server is not a trivial task and it is likely going to take you several weeks worth of effort to get it going. Do not give up. Instead you need to focus on trying to work through the error messages, each of which will tell you an important clue as to what is not configured properly and try to understand what the configuration parameters do (this will take time).

I would suggest enabling the advanced debugging features in both postfix and dovecot. One suggestion to consider is to use postfixadmin to help configure the database for your virtual users. Also remember that there is a SQL Schema that you need to import into your database to configure the tables properly.
 
  


Reply

Tags
auth, internet, postfix, relay


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Postfix relay to ISP's auth smtp server henkie32 Linux - Server 5 08-30-2012 03:20 AM
Postfix - relay access denied - outlook 2010 auth bug? CopalFreak Linux - Server 3 04-04-2012 02:26 PM
[SOLVED] Postfix: SMTP Relay Access Denied with external auth'd clients Gargravarr2112 Linux - Server 3 02-12-2012 08:29 AM
Postfix - allow non-auth connections from local network, relay mail via SASL AUTH fantasygoat Linux - Server 1 10-14-2011 04:45 PM
[Postfix/SMTPD] Getting no AUTH from server; open relay superhausi Linux - Security 2 11-19-2008 05:37 PM


All times are GMT -5. The time now is 12:54 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration