275965Re: Configuring TLS with sender login maps
- Apr 2, 2011Hi,
>>> Apr 2 01:03:55 fc14 postfix/smtpd: NOQUEUE: reject: RCPT fromOkay, I think I have it working correctly now. I believe my mistake
>>> unknown[184.XXX.XX.223]: 553 5.7.1<myuser@...>: Sender
>>> address rejected: not owned by user alex; from=<myuser@...>
>>> to=<remoteluser@...> proto=ESMTP
>> You're not authenticated.
was with using the incorrect ports for authentication. I think I may
not fully understand the logic behind the whole process still,
I've changed smtpd_tls_security_level to 'may' from 'encrypt' in
main.cf because it also needs to be able to accept mail from non-TLS
authenticated clients (which are actually other postfix servers) in
addition to my K9 android mail client.
Unlike my cell phone, these other mail server have fixed IP addresses.
I believe there is a way to specify a list of servers that explicitly
do not require TLS, is that correct?
In master.cf, I have the following:
submission inet n - n - - smtpd
If I understand this correctly, the connection is first established
over TLS through port 25, then this section enables SASL over that TLS
connection, and only if there is a TLS connection, correct?
I am using the default dovecot certificates. I have been unable to
locate the applications to create a new cert on my fedora14 box. What
am I missing that the lines below state a client certificate was not
requested? Is that an issue with my mail client on my phone, or the
Received: from XXX-YYY-86-66.pools.spcsdns.net
(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
(No client certificate requested)
(Authenticated sender: alex)
by myhost.myexample.com (Postfix) with ESMTPSA id B2CD3143A23
for <myuser@...>; Sat, 2 Apr 2011 15:33:46 -0400 (EDT)
- << Previous post in topic Next post in topic >>