On Thu, Aug 14, 2014 at 02:45:33PM -0700, Quanah Gibson-Mount wrote:
> >235 2.7.0 Authentication successful
> >mail from:testus...@zre-ldap003.eng.zimbra.com
> >250 2.1.0 Ok
> >rcpt to:testus...@zre-ldap002.eng.zimbra.com
> >553 5.7.1 <testus...@zre-ldap003.eng.zimbra.com>: Sender address
> >rejected: not owned by user testus...@zre-ldap003.eng.zimbra.com
> >
> >So I'll need to debug that next. :)
>
> Ok, this is because I have (among other things)
>
> smtpd_sender_restrictions = reject_authenticated_sender_login_mismatch
>
> but nothing set for:
> smtpd_sender_login_maps
>
> It does seem odd to me, that with it set to reject mismatched logins, it
> rejects a matching login when no maps are defined.
Your notion of "matching" is too naive. Mere coincidence of email
address and SASL login name is not a "match". A match is a lookup
result from a table that returns the SASL login as one of the owner
logins.
If you like, you could try:
main.cf:
smtpd_sender_login_maps = pcre:${config_directory}/identity.pcre
identity.pcre:
# Sender addres as SASL user is automatically an owner
/^(.+)$/ ${1}
--
Viktor.
