289480Re: Client can't access through submission protocol
- Nov 17, 2012On 13/11/12 19:08, Noel Jones wrote:
> On 11/13/2012 1:30 AM, Pierre-Gilles RAYNAUD wrote:Thank you for the advice.
>> Hi Everyone,
>> The submission port is setup like this
>> submission inet n - n - - smtpd
>> -o smtpd_tls_security_level=encrypt
>> -o smtpd_sasl_auth_enable=yes
>> -o smtpd_sasl_security_options=noanonymous
> OK so far.
>> -o milter_macro_daemon_name=ORIGINATING
> This isn't the cause of your rejections, but the
> reject_non_fqdn_recipient above is useless. If mail is in
> mynetworks or authenticated, it will pass anyway. Otherwise it is
> rejected anyway. If you want to enforce non fqdn recipient, move it
> to the front of the list.
I have updated accordingly.
I used an example as model.
>> and when the client application is outside the mynetwork definition,I did.
>> i.e.: domaingprs.tld (see below)
>> we get this error,
>> Nov 11 14:16:31 serv001 postfix/smtpd: connect from
>> Nov 11 14:16:42 serv001 postfix/smtpd: NOQUEUE: reject: RCPT
>> from wn1nat29.domaingprs.tld[xxx.yyy.zzz..29]: 454 4.7.1
>> <wn1nat29.domaingprs.tld[xxx.yyy.zzz.29]>: Client host rejected: Access
>> denied; from=<user@...> to=<someone@...
>> <mailto:someone@...>> proto=ESMTP
>> Nov 11 14:16:48 serv001 postfix/smtpd: disconnect from
>> but when the client application is inside our network definition, the
>> mail is correctly sent.
> Your settings in main.cf are interfering with your submission port.
> Add to your submission entry:
> -o smtpd_helo_restrictions=
> -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
> You might want to add permit_mynetworks to the above also, but
> that's not usually used on the submission port.
> -- Noel Jones
But the issue was elsewehre .... and solved
Thank you for your time and advice.
- << Previous post in topic