On Mon, Mar 11, 2024 at 07:50:22PM -0700, Glenn Tenney via Postfix-users wrote:
> > You should also remove the "smtpd_sasl_auth_enable = yes" from
> > "mail.cf", leaving just the "-o smtpd_sasl_auth_enable=yes" above, and
> > in main.cf set:
>
> No "mail.cf", but only "-o" is left...
I meant "main.cf" of course...
> > Well, it has to be there, unless your syslog configuration filters it
> > out. Here's an example (long line folded) from my system:
> >
> > Mar 10 18:28:39 amnesiac postfix/submission/smtpd[555754]:
> > 00D8B893CE0: client=<censored>, sasl_method=<censored>,
> > sasl_username=<censored>
>
> I truly have no clue why my maillog is so different than yours. I set
> "smtpd_tls_loglevel = 2" and here's the log (on the machine running
> postfix @ domain.name) from gmail connecting, and logging in as
> "auser" and then trying to send an email as "auser" back to me here at
> gmail:
So you decided to add more hay to stack to hide the needle? :-)
Best to set the log level back to 1.
> Mar 11 18:57:11 MACHINE postfix/submission/smtpd[40225]: NOQUEUE:
> reject: RCPT from mail-ua1-f50.google.com[209.85.222.50]: 553 5.7.1
> <au...@domain.name>: Sender address rejected: not owned by user auser;
> from=<au...@domain.name> to=<glenn.ten...@gmail.com> proto=ESMTP
> helo=<mail-ua1-f50.google.com>
Right, the missing "client=" is because the message was not accepted,
and so no queue id was assigned. It seems this was before the changes
to master.cf were made effective.
> And with all of the various changes made, here's the most recent postconf -Mf
>
> smtp inet n - y - - smtpd
> submission inet n - n - - smtpd
> -o syslog_name=postfix/submission
> -o smtpd_tls_wrappermode=no
> -o smtpd_tls_security_level=may
> -o smtpd_sasl_auth_enable=yes
> -o
> smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
> -o milter_macro_daemon_name=ORIGINATING
> -o smtpd_sasl_type=dovecot
> -o smtpd_sasl_path=private/auth
> -o smtpd_sasl_security_options=noanonymous
> -o smtpd_sasl_local_domain=$myhostname
> -o smtpd_client_restrictions=permit_sasl_authenticated,reject
> -o smtpd_sender_restrictions=reject_sender_login_mismatch
Well, if you've restarted Postfix after those changes, it should now
work (a "reload" should actually suffice, but a restart is harmless for
a low-volume personal server).
--
Viktor.
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
