[Postfix-User]Authenticated User Using Dovecot Cannot Relay
Sorry if this question already asked, I'm configuring postfix for SMTP AUTH with dovecot and here's my main.cf configuration alias_maps = hash:/etc/aliases broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix debug_peer_level = 2 html_directory = no inet_interfaces = 127.0.0.1, 192.168.101.245 mail_owner = postfix mailq_path = /usr/bin/mailq manpage_directory = /usr/share/man mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain mydomain = kantor.com myhostname = ns-1.kantor.com newaliases_path = /usr/bin/newaliases queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES sample_directory = /usr/share/doc/postfix-2.3.3/samples sendmail_path = /usr/sbin/sendmail setgid_group = postdrop smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_relay_domains smtpd_sasl_auth_enable = yes smtpd_sasl_authenticated_header = yes smtpd_sasl_local_domain = $myhostname smtpd_sasl_path = private/auth smtpd_sasl_security_options = noanonymous smtpd_sasl_type = dovecot smtpd_tls_auth_only = yes smtpd_tls_cert_file = /etc/pki/tls/certs/mail.kantor.com.cert smtpd_tls_key_file = /etc/pki/tls/private/mail.kantor.com.key smtpd_tls_loglevel = 1 smtpd_tls_session_cache_database = btree:/var/spool/postfix/smtpd_tls_cache smtpd_tls_session_cache_timeout = 3600s smtpd_use_tls = yes tls_random_source = dev:/dev/urandom unknown_local_recipient_reject_code = 550 and if my client try to send email from outside the network in maillog, it's display : Aug 5 10:20:37 ns-1 dovecot: pop3-login: Login: user=samuel, method=PLAIN, rip=:::192.169.54.147, lip=:::192.168.101.245, TLS Aug 5 10:20:37 ns-1 dovecot: POP3(samuel): Disconnected: Logged out top=0/0, retr=0/0, del=0/0, size=0 Aug 5 10:21:15 ns-1 postfix/smtpd[15817]: connect from unknown[192.169.54.147] Aug 5 10:21:15 ns-1 postfix/smtpd[15817]: setting up TLS connection from unknown[192.169.54.147] Aug 5 10:21:15 ns-1 postfix/smtpd[15817]: TLS connection established from unknown[192.169.54.147]: TLSv1 with cipher RC4-MD5 (128/128 bits) Aug 5 10:21:15 ns-1 postfix/smtpd[15817]: NOQUEUE: reject: RCPT from unknown[192.169.54.147]: 554 5.7.1 imanuel.a.si...@rumah.com: Relay access denied; from=sam...@kantor.com to=imanuel.a.si...@rumah.com proto=ESMTP helo=IBMLaptop Aug 5 10:21:18 ns-1 postfix/smtpd[15817]: disconnect from unknown[192.169.54.147] if there's some mistake that i made in my main.cf or something else that's all from me thank's a lot your kind help -- Regards Samuel Sappa,
Re: [Postfix-User]Authenticated User Using Dovecot Cannot Relay
On Tuesday 04 August 2009 23:12:56 Samuel Sappa wrote: Sorry if this question already asked, Lots of times. I'm configuring postfix for SMTP AUTH with dovecot and here's my main.cf configuration [snip] and if my client try to send email from outside the network in maillog, it's display : Aug 5 10:20:37 ns-1 dovecot: pop3-login: Login: user=samuel, method=PLAIN, rip=:::192.169.54.147, lip=:::192.168.101.245, TLS Aug 5 10:20:37 ns-1 dovecot: POP3(samuel): Disconnected: Logged out top=0/0, retr=0/0, del=0/0, size=0 These are Dovecot POP3 logs, not Postfix. Aug 5 10:21:15 ns-1 postfix/smtpd[15817]: connect from unknown[192.169.54.147] Aug 5 10:21:15 ns-1 postfix/smtpd[15817]: setting up TLS connection from unknown[192.169.54.147] Aug 5 10:21:15 ns-1 postfix/smtpd[15817]: TLS connection established from unknown[192.169.54.147]: TLSv1 with cipher RC4-MD5 (128/128 bits) And that is TLS, not SASL AUTH. At this point in the logs there should be a line showing that AUTH was successful (or failed.) Aug 5 10:21:15 ns-1 postfix/smtpd[15817]: NOQUEUE: reject: RCPT from unknown[192.169.54.147]: 554 5.7.1 imanuel.a.si...@rumah.com: Relay access denied; from=sam...@kantor.com to=imanuel.a.si...@rumah.com proto=ESMTP helo=IBMLaptop Aug 5 10:21:18 ns-1 postfix/smtpd[15817]: disconnect from unknown[192.169.54.147] if there's some mistake that i made in my main.cf or something else that's all from me thank's a lot your kind help There is no evidence that the client attempted to AUTH. The only glaring error in your config, check_relay_domains, is not really an error at all. (It's harmless, but it shows that you have been looking at old, outdated documentation, perhaps such as a poorly-understood third-party HOWTO.) What we've got here is ... failure to authenticate. (Apologies to the late Strother Martin.) This is a very common problem with Microsoft clients. Test and ensure it works with a better client, first. Then Google postfix-users outlook auth to find the scores of other people with the same issue. A gratuitous hint: add mechanism to the search, and you will probably find the second best answer. The best answer: refuse to support broken mail clients! -- Offlist mail to this address is discarded unless /dev/rob0 or not-spam is in Subject: header
