> On Sat, Jan 22, 2022 at 08:01:27AM +1100, raf wrote:
>
>> > It is an issue with email that postfix has received, via fetchmail, and is
>> > attempting to deliver to another system. Authentication is being
>> > attempted, without it being required or requested, at least as far as I
>> > can
> tell.
>>
>> That doesn't sound right. Add that remote server to debug_peer_list
>> to increase the debugging when sending mail to it.
>
> There's no need. The OP reported use of sender dependent
> authentication, which causes any mail *from* some recipients
> to expect to need to authenticate to the nexthop server.
>
> If the messages in question are not in fact routed to a nexthop that
> requires authentication, then sender dependent authentication should
> not be enabled for these users.
>
> IIRC Wietse already suggested a work-around, by making the
> sender-dependent authentication settings be transport-specific.
>
> In particular the internal nexthop that does not do SASL should be
> handled by a transport in which sender-dependent authentication is
> disabled.
>
> --
> Viktor.
Perhaps I am simply slow these last few days. Please bear with me.
While it may already be clear, I'll recap.
I do desire outgoing email, with the "next hop" being my ISP, to have
sender dependent authentication. Incoming email, once processed by
Postfix, SA, ClamAV, is sent to "the last hop" which does no authentication.
I do get, I think, the point you illuminate in last your paragraph that in my
case, a specific inbound transport must be defined for all incoming messages
and this transport must not specify authentication. However, I get a bit fuzzy
about any distinction between "sender dependent authentication" and "no
authentication". Presumably that will require some what different
configuration
than Wietse described?
While I am not expecting anyone to "do it for me", obviously I am not familiar
with
all the configuration items available in a product as complex and evolved as
Postfix,
but find it difficult, at times, to attempt to discover them on my own.
Perhaps they
are all documented and I have simply missed them?
In any event I am nagged however by what causes Postfix to attempt
authentication,
for this oddball email when others sent to the same user do not, with the same
configuration.
Perhaps the answer is "it just does, you have a work around, now go away, you
silly
person",
joe a.
---------------------------------
j4computers, llc
Stone Ridge, NY 12484
845-687-3734
www.j4computers.com
---------------------------------
