Re: client-side authentication broken?
On 06/06/2012 01:16 PM, Toni Mueller wrote: Hi, I recently upgraded a machine from Postfix 2.8 to 2.9. The machine uses, amongst other things, a custom transport to facilitate masking outgoing email addresses and sending with SMTP-AUTH. In main.cf, this looks like follows: mtp_sasl_auth_enable = yes smtp_sender_dependent_authentication = yes smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_tls_security_level = encrypt smtp_sasl_security_options = noanonymous In master.cf I now have this in attempt to fix this problem: globalout unix - - - - - smtp -v -v -o smtp_generic_maps=hash:/etc/postfix/global_rewrite -o smtp_sasl_auth_enable=yes -o smtp_sender_dependent_authentication=yes -o smtp_sasl_password_maps=hash:/etc/postfix/sasl_passwd -o smtp_tls_security_level=encrypt -o smtp_sasl_security_options=noanonymous where globalout is the mail transport used for off-site mails. And it is addressed where, exactly ? If you don't *use* a transport, no mail will ever be sent to it. Did you run the configuration upgrade tool provided with postfix when upgrading major versions, as the documentation states you should do ? $ postfix upgrade-configuration I'm betting you did not edit/check main.cf after upgrading, thus losing your transport mapping. $ postconf transport_maps -- J.
client-side authentication broken?
Hi, I recently upgraded a machine from Postfix 2.8 to 2.9. The machine uses, amongst other things, a custom transport to facilitate masking outgoing email addresses and sending with SMTP-AUTH. In main.cf, this looks like follows: mtp_sasl_auth_enable = yes smtp_sender_dependent_authentication = yes smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_tls_security_level = encrypt smtp_sasl_security_options = noanonymous In master.cf I now have this in attempt to fix this problem: globalout unix - - - - - smtp -v -v -o smtp_generic_maps=hash:/etc/postfix/global_rewrite -o smtp_sasl_auth_enable=yes -o smtp_sender_dependent_authentication=yes -o smtp_sasl_password_maps=hash:/etc/postfix/sasl_passwd -o smtp_tls_security_level=encrypt -o smtp_sasl_security_options=noanonymous where globalout is the mail transport used for off-site mails. For some reason, that stopped working: I can't see an authentication attempt on the server side, only a plain TLS connection and then an attempt to push out the email. I'd really like to get this back into working order... suggestions are welcome! TIA! Kind regards, --Toni++
Re: client-side authentication broken?
On Jun 6, 2012, at 13:16, Toni Mueller wrote: I recently upgraded a machine from Postfix 2.8 to 2.9. The machine uses, amongst other things, a custom transport to facilitate masking outgoing email addresses and sending with SMTP-AUTH. In main.cf, this looks like follows: mtp_sasl_auth_enable = yes Is the above a typo in your configuration, or a copy-paste error? Because it should have an 's' in front of it? Cya, Jona -- smtp_sender_dependent_authentication = yes smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_tls_security_level = encrypt smtp_sasl_security_options = noanonymous In master.cf I now have this in attempt to fix this problem: globalout unix - - - - - smtp -v -v -o smtp_generic_maps=hash:/etc/postfix/global_rewrite -o smtp_sasl_auth_enable=yes -o smtp_sender_dependent_authentication=yes -o smtp_sasl_password_maps=hash:/etc/postfix/sasl_passwd -o smtp_tls_security_level=encrypt -o smtp_sasl_security_options=noanonymous where globalout is the mail transport used for off-site mails. For some reason, that stopped working: I can't see an authentication attempt on the server side, only a plain TLS connection and then an attempt to push out the email. I'd really like to get this back into working order... suggestions are welcome! TIA! Kind regards, --Toni++
Re: client-side authentication broken?
Hi, On Wed, Jun 06, 2012 at 03:43:21PM +0200, DTNX Postmaster wrote: On Jun 6, 2012, at 13:16, Toni Mueller wrote: In main.cf, this looks like follows: mtp_sasl_auth_enable = yes Is the above a typo in your configuration, or a copy-paste error? Because it should have an 's' in front of it? thanks for pointing this out. It's a copypaste error. The file really has the 's' where it belongs. Kind regards, --Toni++