> No indication that the user authenticated. When someone
> authenticates you'll get a log line something like
> Feb 12 09:24:06 mgate2 postfix/smtpd[93626]: E4E077978A8:
> client=user.example.org[192.168.1.163], sasl_method=CRAM-MD5,
> sasl_username=username
Ive been looking at this for a couple days now, still having
problems. Im getting the following now:
Feb 17 13:29:05 202010-1 postfix/smtpd[21553]: connect from
99-74-xxx-xxx.lightspeed.cicril.sbcglobal.net[99.74.xxx.xxx]
Feb 17 13:29:05 202010-1 postfix/smtpd[21553]: setting up TLS connection from
99-74-xxx-xxx.lightspeed.cicril.sbcglobal.net[99.74.xxx.xxx]
Feb 17 13:29:05 202010-1 postfix/smtpd[21553]:
99-74-xxx-xxx.lightspeed.cicril.sbcglobal.net[99.74.xxx.xxx]: TLS cipher list
"ALL:+RC4:@STRENGTH"
Feb 17 13:29:05 202010-1 postfix/smtpd[21553]: SSL_accept:before/accept
initialization
Feb 17 13:29:05 202010-1 postfix/smtpd[21553]:
99-74-xxx-xxx.lightspeed.cicril.sbcglobal.net[99.74.xxx.xxx]: looking up
session 8B580343BBAB1CDFF37061B0F6
AADCBFAE2FC46F96A7BB40B0A73D14C60B7A23&s=44116 in smtpd cache
Feb 17 13:29:05 202010-1 postfix/tlsmgr[21554]: lookup smtpd session
id=8B580343BBAB1CDFF37061B0F6AADCBFAE2FC46F96A7BB40B0A73D14C60B7A23&s=44116
Feb 17 13:29:05 202010-1 postfix/smtpd[21553]: SSL_accept:SSLv3 read client
hello B
Feb 17 13:29:05 202010-1 postfix/smtpd[21553]: SSL_accept:SSLv3 write server
hello A
Feb 17 13:29:05 202010-1 postfix/smtpd[21553]: SSL_accept:SSLv3 write
certificate A
Feb 17 13:29:05 202010-1 postfix/smtpd[21553]: SSL_accept:SSLv3 write key
exchange A
Feb 17 13:29:05 202010-1 postfix/smtpd[21553]: SSL_accept:SSLv3 write server
done A
Feb 17 13:29:05 202010-1 postfix/smtpd[21553]: SSL_accept:SSLv3 flush data
Feb 17 13:29:05 202010-1 postfix/smtpd[21553]: SSL_accept:SSLv3 read client key
exchange A
Feb 17 13:29:05 202010-1 postfix/smtpd[21553]: SSL_accept:SSLv3 read finished A
Feb 17 13:29:05 202010-1 postfix/smtpd[21553]: SSL_accept:SSLv3 write change
cipher spec A
Feb 17 13:29:05 202010-1 postfix/smtpd[21553]: SSL_accept:SSLv3 write finished A
Feb 17 13:29:05 202010-1 postfix/smtpd[21553]: SSL_accept:SSLv3 flush data
Feb 17 13:29:05 202010-1 postfix/smtpd[21553]:
99-74-xxx-xxx.lightspeed.cicril.sbcglobal.net[99.74.xxx.xxx]: save session
4C77493FCAD703043FECE8FEC020E207
78D68D4E951E4EFAE169E18779AE884F&s=44116 to smtpd cache
Feb 17 13:29:05 202010-1 postfix/tlsmgr[21554]: put smtpd session
id=4C77493FCAD703043FECE8FEC020E20778D68D4E951E4EFAE169E18779AE884F&s=44116
[data 127 by
tes]
Feb 17 13:29:05 202010-1 postfix/tlsmgr[21554]: write smtpd TLS cache entry
4C77493FCAD703043FECE8FEC020E20778D68D4E951E4EFAE169E18779AE884F&s=44116: time
=1266431345 [data 127 bytes]
Feb 17 13:29:05 202010-1 postfix/smtpd[21553]: Anonymous TLS connection
established from 99-74-xxx-xxx.lightspeed.cicril.sbcglobal.net[99.74.xxx.xxx]:
TLS
v1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
Feb 17 13:29:05 202010-1 dovecot: auth(default): client in: AUTH 2
PLAIN service=smtp nologin lip=204.12.98.91 rip=99.74.xxx.xxxr
esp=<hidden>
Feb 17 13:29:05 202010-1 dovecot: auth(default):
passwd-file(jeff,99.74.xxx.xxx): lookup: user=jeff file=/etc/shadow
Feb 17 13:29:05 202010-1 dovecot: auth(default): client out: OK 2
user=jeff
Feb 17 13:29:05 202010-1 postfix/smtpd[21553]: NOQUEUE: reject: RCPT from
99-74-xxx-xxx.lightspeed.cicril.sbcglobal.net[99.74.xxx.xxx]: 554 5.7.1 <j...@ra
hul.net>: Relay access denied; from=<j...@mydomain.com> to=<j...@rahul.net>
proto=ESMTP helo=<[192.168.2.11]>
Feb 17 13:29:06 202010-1 postfix/smtpd[21553]: disconnect from
99-74-xxx-xxx.lightspeed.cicril.sbcglobal.net[99.74.xxx.xxx]
It appears (afaik) that Im authenticating from the log file above.
I also set 'smtpd_tls_auth_only = no' and manually tested the
authentication as working via telnet.
250-PIPELINING
250-SIZE 15000000
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
auth plain AGplZmYAYkhrb3FhMjI=
235 2.7.0 Authentication successful
quit
221 2.0.0 Bye
I still cant seem to get remote relay access (smtp relaying)
to work for single users (u...@mydomain.com). Ive used
mynetworks to relay for static ip's just fine, however I
need it to work with my users who can be located anywhere,
not just from a single static IP address.
Ive gone through the docs several times (and possibly
missed things), but as far as I can tell, Im suppossed to
use:
relay_recipient_maps = hash:/etc/postfix/relay_recipients
relay_domains = hash:/etc/postfix/relay_domains
to get this to work.
relay_recipients contains:
j...@mydomain.com ok
relay_domains contains:
mydomain.com relay
Sorry if this is getting old (it is for me also) :)
Im just trying to understand how this thing is suppossed
to work, especially so I dont become an open relay.
I appreciate your patience.
Jeff
