On Mon, Jan 13, 2020 at 06:25:27PM +0100, Simon B wrote:
> > > >> >Since upgrading to 2.11 yesterday (yes, I am on a path to move up
> > > >> >through debian versions), all mail coming in on
> > > >> >postfix/submission/smtpd is being rejected by the domain check in that
> > > >> >file, even though the user is sasl authenticated.
On Mon, 13 Jan 2020 at 18:44, Viktor Dukhovni
<postfix-us...@dukhovni.org> wrote:
Note, Postfix 2.11 (actually 2.10 IIRC) adds "smtpd_relay_restrictions",
which you don't override in the submission service definition:
On 15.01.20 13:19, Simon B wrote:
Cause and effect in one simple sentence - thanks Viktor!
if you use debian, the default smtpd_relay_restrictions should contain:
smtpd_relay_restrictions=permit_mynetworks permit_sasl_authenticated
defer_unauth_destination
which is the default value. It's added in postfix postinst script.
...unless you have overridden it, in such case it contains what you put
there.
Now looks like this...
10 submission inet n - n - - smtpd
11 -o syslog_name=postfix/submission
Which seems to have solved the problem - or at least just kicked it
down the road. Now there's a slightly different format of the error
when receiving mail from the amavis filter...
Jan 15 11:39:31 mail postfix/smtpd[31588]: connect from localhost[127.0.0.1]
Jan 15 11:39:31 mail postfix/smtpd[31588]: NOQUEUE: reject: RCPT from
localhost[127.0.0.1]: 554 5.7.1 <amavisd.example.net>: Helo command
rejected: Host not found; from=<si...@example.net> to=<
simo...@example.com> proto=ESMTP helo=<amavisd.example.net>
note that this says "postfix/smtpd" and thus it's not related to master.cf
definition of submission above, then would say "postfix/submission/smtpd"
Jan 15 11:39:31 mail amavisd-new[2303]: (02303-14) smtp resp to RCPT
(pip) (<simo...@example.com>): 554 5.7.1 <amavisd.example.net>: Helo
command rejected: Host not found
Despite the fact that I changed those receiver settings in master.cf to:
118 #The amavis reciever
119 127.0.0.1:10025 inet n - - - - smtpd
120 -o content_filter=
121 -o local_recipient_maps=
122 -o relay_recipient_maps=
123 -o smtpd_restriction_classes=
124 -o smtpd_client_restrictions=permit_mynetworks,reject_plaintext_session
125 -o smtpd_helo_restrictions=permit_mynetworks
126 -o smtpd_sender_restrictions=
127 -o smtpd_recipient_restrictions=permit_mynetworks,reject
128 -o mynetworks=127.0.0.0/8
129 -o strict_rfc821_envelopes=yes
130 -o
receive_override_options=no_unknown_recipient_checks,no_header_body_checks
131 -o smtp_bind_address=127.0.0.1
At the moment nothing is going through amavis in either direction, so
that's a problem...
are you sure amavis sends mail through port 10025?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Christian Science Programming: "Let God Debug It!".
