Sending mail unauthenticated with dovecot sasl activatedIssue with sending mails from thunderbird via...
Quenching swords in dragon blood; why?
If all harmonics are generated by plucking, how does a guitar string produce a pure frequency sound?
Dilemma of explaining to interviewer that he is the reason for declining second interview
Inventor that creates machine that grabs man from future
Is the theory of the category of topological spaces computable?
Is my plan for fixing my water heater leak bad?
Why do neural networks need so many training examples to perform?
What to do when being responsible for data protection in your lab, yet advice is ignored?
How to satisfy a player character's curiosity about another player character?
Has the Isbell–Freyd criterion ever been used to check that a category is concretisable?
How can I mix up weapons for large groups of similar monsters/characters?
Meaning of すきっとした
Which branches of mathematics can be done just in terms of morphisms and composition?
Do authors have to be politically correct in article-writing?
Why is working on the same position for more than 15 years not a red flag?
Wanted: 5.25 floppy to usb adapter
Find the number of ways to express 1050 as sum of consecutive integers
Why didn't Eru and/or the Valar intervene when Sauron corrupted Númenor?
Finding ratio of the area of triangles
Proof by Induction - New to proofs
What's the purpose of these copper coils with resitors inside them in A Yamaha RX-V396RDS amplifier?
What is Crew Dragon approaching in this picture?
Meth dealer reference in Family Guy
Where is this triangular-shaped space station from?
Sending mail unauthenticated with dovecot sasl activated
Issue with sending mails from thunderbird via postfixPostfix forwarding issueCan't connect to Postfix/Dovecot with Airmail.app but I can with Mail.app (Connection refused?)POSTFIX fatal: no SASL authentication mechanismsSASL authentication failure: Password verification failed (postfix + cyrus + saslauthd)Postfix alias only forwarding to local usersPostfix very slow deliverypostfix authenticate disable smtp port 25, but 587warning: /usr/lib/postfix/smtpd: bad command startup — throttlingMy mail server is sending a lot of spam using my domain
0
Here is a basic example of a telnet example to my server:
[arch@myhost ~]$ telnet mydomain.com 25
Trying 192.168.1.25...
Connected to mydomain.com.
Escape character is '^]'.
220 mydomain.mydomain.com ESMTP Postfix (Ubuntu)
ehlo mydomain.com
250-mydomain.mydomain.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from: user1@mydomain.com
250 2.1.0 Ok
rcpt to: user2@mydomain.com
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
test
.
250 2.0.0 Ok: queued as 9D9AE6252B
quit
221 2.0.0 Bye
Connection closed by foreign host.
My postfix configurations
/etc/postix/main.cf
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
readme_directory = no
# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls = no
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
smtpd_relay_restrictions = permit_mynetworks,permit_sasl_authenticated,defer_unauth_destination
myhostname = mydomain.mydomain.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/hostname
mydestination = localhost
relayhost =
mynetworks = 127.0.0.0/8
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
home_mailbox = Maildir/
mailbox_command =
smtpd_recipient_restrictions = check_sender_access hash:/etc/postfix/sender_checks, check_client_access cidr:/etc/postfix/blacklist_cidr,check_client_access hash:/etc/postfix/blacklist,reject_unknown_recipient_domain,reject_non_fqdn_recipient, reject_unlisted_recipient,permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks,permit_sasl_authenticated,check_helo_access pcre:/etc/postfix/helo_access.pcre
smtpd_sender_restrictions = reject_unknown_sender_domain,reject_non_fqdn_sender,reject_unlisted_sender,reject_sender_login_mismatch,permit_sasl_authenticated,permit_mynetworks,check_sender_access pcre:/etc/postfix/sender_access.pcre
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain =
smtpd_reject_unlisted_recipient = yes
smtpd_reject_unlisted_sender = no
header_checks = regexp:/etc/postfix/header_checks
body_checks = pcre:/etc/postfix/body_checks.pcre
virtual_mailbox_base = /home/vmail
virtual_alias_maps = proxy:mysql:/etc/postfix/postfix-db/virtual_alias_maps.cf
virtual_mailbox_domains = proxy:mysql:/etc/postfix/postfix-db/virtual_mailbox_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/postfix-db/virtual_mailbox_maps.cf
virtual_transport = virtual
local_transport = virtual
virtual_minimum_uid = 5000
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
/etc/postfix/master.cf
#
# Postfix master process configuration file. For details on the format
# of the file, see the master(5) manual page (command: "man 5 master" or
# on-line: http://www.postfix.org/master.5.html).
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (no) (never) (100)
# ==========================================================================
smtp inet n - y - - smtpd
#smtp inet n - y - 1 postscreen
#smtpd pass - - y - - smtpd
#dnsblog unix - - y - 0 dnsblog
#tlsproxy unix - - y - 0 tlsproxy
submission inet n - n - - smtpd
-o smtpd_sasl_auth_enable=yes
-o smtpd_sasl_type=dovecot
-o smtpd_sasl_path=private/auth
-o smtpd_sasl_security_options=noanonymous
-o smtpd_sasl_local_domain=$myhostname
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o smtpd_sender_login_maps=hash:/etc/postfix/virtual
-o smtpd_sender_restrictions=reject_sender_login_mismatch
-o smtpd_recipient_restrictions=reject_unknown_recipient_domain,permit_sasl_authenticated,reject
..........................
Relevant dovecot configuration
service auth {
unix_listener /var/spool/postfix/private/auth {
mode = 0666
user = postfix
group = postfix
}
unix_listener auth-master {
mode = 0666
user = vmail
group = vmail
}
unix_listener auth-userdb {
mode = 0660
user = vmail
group = vmail
}
}
Some logs with no errors
Mar 3 15:20:01 mydomain postfix/smtpd[1527]: 9D9AE6252B: client=unknown[192.168.1.2]
Mar 3 15:20:08 mydomain postfix/cleanup[1533]: 9D9AE6252B: message-id=<>
Mar 3 15:20:08 mydomain postfix/qmgr[1354]: 9D9AE6252B: from=<user1@mydomain.com>, size=189, nrcpt=1 (queue active)
Mar 3 15:20:08 mydomain postfix/virtual[1534]: 9D9AE6252B: to=<user2@mydomain.com>, relay=virtual, delay=21, delays=21/0.02/0/0.25, dsn=2.0.0, status=sent (delivered to maildir)
Mar 3 15:20:08 mydomain postfix/qmgr[1354]: 9D9AE6252B: removed
Mar 3 15:20:12 mydomain postfix/smtpd[1527]: disconnect from unknown[192.168.1.2] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
postfix dovecot sasl
asked 12 hours ago
anon123anon123
1
New contributor
anon123 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
0
Here is a basic example of a telnet example to my server:
[arch@myhost ~]$ telnet mydomain.com 25
Trying 192.168.1.25...
Connected to mydomain.com.
Escape character is '^]'.
220 mydomain.mydomain.com ESMTP Postfix (Ubuntu)
ehlo mydomain.com
250-mydomain.mydomain.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from: user1@mydomain.com
250 2.1.0 Ok
rcpt to: user2@mydomain.com
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
test
.
250 2.0.0 Ok: queued as 9D9AE6252B
quit
221 2.0.0 Bye
Connection closed by foreign host.
My postfix configurations
/etc/postix/main.cf
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
readme_directory = no
# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls = no
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
smtpd_relay_restrictions = permit_mynetworks,permit_sasl_authenticated,defer_unauth_destination
myhostname = mydomain.mydomain.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/hostname
mydestination = localhost
relayhost =
mynetworks = 127.0.0.0/8
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
home_mailbox = Maildir/
mailbox_command =
smtpd_recipient_restrictions = check_sender_access hash:/etc/postfix/sender_checks, check_client_access cidr:/etc/postfix/blacklist_cidr,check_client_access hash:/etc/postfix/blacklist,reject_unknown_recipient_domain,reject_non_fqdn_recipient, reject_unlisted_recipient,permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks,permit_sasl_authenticated,check_helo_access pcre:/etc/postfix/helo_access.pcre
smtpd_sender_restrictions = reject_unknown_sender_domain,reject_non_fqdn_sender,reject_unlisted_sender,reject_sender_login_mismatch,permit_sasl_authenticated,permit_mynetworks,check_sender_access pcre:/etc/postfix/sender_access.pcre
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain =
smtpd_reject_unlisted_recipient = yes
smtpd_reject_unlisted_sender = no
header_checks = regexp:/etc/postfix/header_checks
body_checks = pcre:/etc/postfix/body_checks.pcre
virtual_mailbox_base = /home/vmail
virtual_alias_maps = proxy:mysql:/etc/postfix/postfix-db/virtual_alias_maps.cf
virtual_mailbox_domains = proxy:mysql:/etc/postfix/postfix-db/virtual_mailbox_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/postfix-db/virtual_mailbox_maps.cf
virtual_transport = virtual
local_transport = virtual
virtual_minimum_uid = 5000
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
/etc/postfix/master.cf
#
# Postfix master process configuration file. For details on the format
# of the file, see the master(5) manual page (command: "man 5 master" or
# on-line: http://www.postfix.org/master.5.html).
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (no) (never) (100)
# ==========================================================================
smtp inet n - y - - smtpd
#smtp inet n - y - 1 postscreen
#smtpd pass - - y - - smtpd
#dnsblog unix - - y - 0 dnsblog
#tlsproxy unix - - y - 0 tlsproxy
submission inet n - n - - smtpd
-o smtpd_sasl_auth_enable=yes
-o smtpd_sasl_type=dovecot
-o smtpd_sasl_path=private/auth
-o smtpd_sasl_security_options=noanonymous
-o smtpd_sasl_local_domain=$myhostname
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o smtpd_sender_login_maps=hash:/etc/postfix/virtual
-o smtpd_sender_restrictions=reject_sender_login_mismatch
-o smtpd_recipient_restrictions=reject_unknown_recipient_domain,permit_sasl_authenticated,reject
..........................
Relevant dovecot configuration
service auth {
unix_listener /var/spool/postfix/private/auth {
mode = 0666
user = postfix
group = postfix
}
unix_listener auth-master {
mode = 0666
user = vmail
group = vmail
}
unix_listener auth-userdb {
mode = 0660
user = vmail
group = vmail
}
}
Some logs with no errors
Mar 3 15:20:01 mydomain postfix/smtpd[1527]: 9D9AE6252B: client=unknown[192.168.1.2]
Mar 3 15:20:08 mydomain postfix/cleanup[1533]: 9D9AE6252B: message-id=<>
Mar 3 15:20:08 mydomain postfix/qmgr[1354]: 9D9AE6252B: from=<user1@mydomain.com>, size=189, nrcpt=1 (queue active)
Mar 3 15:20:08 mydomain postfix/virtual[1534]: 9D9AE6252B: to=<user2@mydomain.com>, relay=virtual, delay=21, delays=21/0.02/0/0.25, dsn=2.0.0, status=sent (delivered to maildir)
Mar 3 15:20:08 mydomain postfix/qmgr[1354]: 9D9AE6252B: removed
Mar 3 15:20:12 mydomain postfix/smtpd[1527]: disconnect from unknown[192.168.1.2] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
postfix dovecot sasl
asked 12 hours ago
anon123anon123
1
New contributor
anon123 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
0
0
0
Here is a basic example of a telnet example to my server:
[arch@myhost ~]$ telnet mydomain.com 25
Trying 192.168.1.25...
Connected to mydomain.com.
Escape character is '^]'.
220 mydomain.mydomain.com ESMTP Postfix (Ubuntu)
ehlo mydomain.com
250-mydomain.mydomain.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from: user1@mydomain.com
250 2.1.0 Ok
rcpt to: user2@mydomain.com
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
test
.
250 2.0.0 Ok: queued as 9D9AE6252B
quit
221 2.0.0 Bye
Connection closed by foreign host.
My postfix configurations
/etc/postix/main.cf
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
readme_directory = no
# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls = no
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
smtpd_relay_restrictions = permit_mynetworks,permit_sasl_authenticated,defer_unauth_destination
myhostname = mydomain.mydomain.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/hostname
mydestination = localhost
relayhost =
mynetworks = 127.0.0.0/8
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
home_mailbox = Maildir/
mailbox_command =
smtpd_recipient_restrictions = check_sender_access hash:/etc/postfix/sender_checks, check_client_access cidr:/etc/postfix/blacklist_cidr,check_client_access hash:/etc/postfix/blacklist,reject_unknown_recipient_domain,reject_non_fqdn_recipient, reject_unlisted_recipient,permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks,permit_sasl_authenticated,check_helo_access pcre:/etc/postfix/helo_access.pcre
smtpd_sender_restrictions = reject_unknown_sender_domain,reject_non_fqdn_sender,reject_unlisted_sender,reject_sender_login_mismatch,permit_sasl_authenticated,permit_mynetworks,check_sender_access pcre:/etc/postfix/sender_access.pcre
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain =
smtpd_reject_unlisted_recipient = yes
smtpd_reject_unlisted_sender = no
header_checks = regexp:/etc/postfix/header_checks
body_checks = pcre:/etc/postfix/body_checks.pcre
virtual_mailbox_base = /home/vmail
virtual_alias_maps = proxy:mysql:/etc/postfix/postfix-db/virtual_alias_maps.cf
virtual_mailbox_domains = proxy:mysql:/etc/postfix/postfix-db/virtual_mailbox_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/postfix-db/virtual_mailbox_maps.cf
virtual_transport = virtual
local_transport = virtual
virtual_minimum_uid = 5000
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
/etc/postfix/master.cf
#
# Postfix master process configuration file. For details on the format
# of the file, see the master(5) manual page (command: "man 5 master" or
# on-line: http://www.postfix.org/master.5.html).
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (no) (never) (100)
# ==========================================================================
smtp inet n - y - - smtpd
#smtp inet n - y - 1 postscreen
#smtpd pass - - y - - smtpd
#dnsblog unix - - y - 0 dnsblog
#tlsproxy unix - - y - 0 tlsproxy
submission inet n - n - - smtpd
-o smtpd_sasl_auth_enable=yes
-o smtpd_sasl_type=dovecot
-o smtpd_sasl_path=private/auth
-o smtpd_sasl_security_options=noanonymous
-o smtpd_sasl_local_domain=$myhostname
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o smtpd_sender_login_maps=hash:/etc/postfix/virtual
-o smtpd_sender_restrictions=reject_sender_login_mismatch
-o smtpd_recipient_restrictions=reject_unknown_recipient_domain,permit_sasl_authenticated,reject
..........................
Relevant dovecot configuration
service auth {
unix_listener /var/spool/postfix/private/auth {
mode = 0666
user = postfix
group = postfix
}
unix_listener auth-master {
mode = 0666
user = vmail
group = vmail
}
unix_listener auth-userdb {
mode = 0660
user = vmail
group = vmail
}
}
Some logs with no errors
Mar 3 15:20:01 mydomain postfix/smtpd[1527]: 9D9AE6252B: client=unknown[192.168.1.2]
Mar 3 15:20:08 mydomain postfix/cleanup[1533]: 9D9AE6252B: message-id=<>
Mar 3 15:20:08 mydomain postfix/qmgr[1354]: 9D9AE6252B: from=<user1@mydomain.com>, size=189, nrcpt=1 (queue active)
Mar 3 15:20:08 mydomain postfix/virtual[1534]: 9D9AE6252B: to=<user2@mydomain.com>, relay=virtual, delay=21, delays=21/0.02/0/0.25, dsn=2.0.0, status=sent (delivered to maildir)
Mar 3 15:20:08 mydomain postfix/qmgr[1354]: 9D9AE6252B: removed
Mar 3 15:20:12 mydomain postfix/smtpd[1527]: disconnect from unknown[192.168.1.2] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
postfix dovecot sasl
asked 12 hours ago
anon123anon123
1
New contributor
anon123 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Here is a basic example of a telnet example to my server:
[arch@myhost ~]$ telnet mydomain.com 25
Trying 192.168.1.25...
Connected to mydomain.com.
Escape character is '^]'.
220 mydomain.mydomain.com ESMTP Postfix (Ubuntu)
ehlo mydomain.com
250-mydomain.mydomain.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from: user1@mydomain.com
250 2.1.0 Ok
rcpt to: user2@mydomain.com
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
test
.
250 2.0.0 Ok: queued as 9D9AE6252B
quit
221 2.0.0 Bye
Connection closed by foreign host.
My postfix configurations
/etc/postix/main.cf
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
readme_directory = no
# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls = no
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
smtpd_relay_restrictions = permit_mynetworks,permit_sasl_authenticated,defer_unauth_destination
myhostname = mydomain.mydomain.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/hostname
mydestination = localhost
relayhost =
mynetworks = 127.0.0.0/8
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
home_mailbox = Maildir/
mailbox_command =
smtpd_recipient_restrictions = check_sender_access hash:/etc/postfix/sender_checks, check_client_access cidr:/etc/postfix/blacklist_cidr,check_client_access hash:/etc/postfix/blacklist,reject_unknown_recipient_domain,reject_non_fqdn_recipient, reject_unlisted_recipient,permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks,permit_sasl_authenticated,check_helo_access pcre:/etc/postfix/helo_access.pcre
smtpd_sender_restrictions = reject_unknown_sender_domain,reject_non_fqdn_sender,reject_unlisted_sender,reject_sender_login_mismatch,permit_sasl_authenticated,permit_mynetworks,check_sender_access pcre:/etc/postfix/sender_access.pcre
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain =
smtpd_reject_unlisted_recipient = yes
smtpd_reject_unlisted_sender = no
header_checks = regexp:/etc/postfix/header_checks
body_checks = pcre:/etc/postfix/body_checks.pcre
virtual_mailbox_base = /home/vmail
virtual_alias_maps = proxy:mysql:/etc/postfix/postfix-db/virtual_alias_maps.cf
virtual_mailbox_domains = proxy:mysql:/etc/postfix/postfix-db/virtual_mailbox_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/postfix-db/virtual_mailbox_maps.cf
virtual_transport = virtual
local_transport = virtual
virtual_minimum_uid = 5000
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
/etc/postfix/master.cf
#
# Postfix master process configuration file. For details on the format
# of the file, see the master(5) manual page (command: "man 5 master" or
# on-line: http://www.postfix.org/master.5.html).
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (no) (never) (100)
# ==========================================================================
smtp inet n - y - - smtpd
#smtp inet n - y - 1 postscreen
#smtpd pass - - y - - smtpd
#dnsblog unix - - y - 0 dnsblog
#tlsproxy unix - - y - 0 tlsproxy
submission inet n - n - - smtpd
-o smtpd_sasl_auth_enable=yes
-o smtpd_sasl_type=dovecot
-o smtpd_sasl_path=private/auth
-o smtpd_sasl_security_options=noanonymous
-o smtpd_sasl_local_domain=$myhostname
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o smtpd_sender_login_maps=hash:/etc/postfix/virtual
-o smtpd_sender_restrictions=reject_sender_login_mismatch
-o smtpd_recipient_restrictions=reject_unknown_recipient_domain,permit_sasl_authenticated,reject
..........................
Relevant dovecot configuration
service auth {
unix_listener /var/spool/postfix/private/auth {
mode = 0666
user = postfix
group = postfix
}
unix_listener auth-master {
mode = 0666
user = vmail
group = vmail
}
unix_listener auth-userdb {
mode = 0660
user = vmail
group = vmail
}
}
Some logs with no errors
Mar 3 15:20:01 mydomain postfix/smtpd[1527]: 9D9AE6252B: client=unknown[192.168.1.2]
Mar 3 15:20:08 mydomain postfix/cleanup[1533]: 9D9AE6252B: message-id=<>
Mar 3 15:20:08 mydomain postfix/qmgr[1354]: 9D9AE6252B: from=<user1@mydomain.com>, size=189, nrcpt=1 (queue active)
Mar 3 15:20:08 mydomain postfix/virtual[1534]: 9D9AE6252B: to=<user2@mydomain.com>, relay=virtual, delay=21, delays=21/0.02/0/0.25, dsn=2.0.0, status=sent (delivered to maildir)
Mar 3 15:20:08 mydomain postfix/qmgr[1354]: 9D9AE6252B: removed
Mar 3 15:20:12 mydomain postfix/smtpd[1527]: disconnect from unknown[192.168.1.2] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
postfix dovecot sasl
postfix dovecot sasl
asked 12 hours ago
anon123anon123
1
New contributor
anon123 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked 12 hours ago
anon123anon123
1
New contributor
anon123 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked 12 hours ago
anon123anon123
1
New contributor
anon123 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked 12 hours ago
anon123anon123
1
asked 12 hours ago
anon123anon123
1
1
New contributor
anon123 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
anon123 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
anon123 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
add a comment |
0
active
oldest
votes
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "2"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
anon123 is a new contributor. Be nice, and check out our Code of Conduct.
draft saved
draft discarded
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f956525%2fsending-mail-unauthenticated-with-dovecot-sasl-activated%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
0
active
oldest
votes
0
active
oldest
votes
active
oldest
votes
active
oldest
votes
anon123 is a new contributor. Be nice, and check out our Code of Conduct.
draft saved
draft discarded
anon123 is a new contributor. Be nice, and check out our Code of Conduct.
anon123 is a new contributor. Be nice, and check out our Code of Conduct.
anon123 is a new contributor. Be nice, and check out our Code of Conduct.
Thanks for contributing an answer to Server Fault!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
draft saved
draft discarded
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f956525%2fsending-mail-unauthenticated-with-dovecot-sasl-activated%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
