Loading ...
Sorry, an error occurred while loading the content.

Re: Enabling sender-dependent authentication only for fallback relay?

Expand Messages
  • Victor Duchovni
    ... You have to use a fallback relay setting that sends the mail to a second Postfix instance on your machine, and have that instance send all mail to the
    Message 1 of 10 , May 2, 2011
    • 0 Attachment
      On Sun, May 01, 2011 at 09:46:51PM -0700, Rich Wales wrote:

      > [Short version of my question: Is there any way to enable sender-
      > dependent authentication *only* when mail is being sent out via my
      > smtp_fallback_relay host, and *not* when I am sending mail directly
      > to a destination MX? I do not have any "relayhost" defined because
      > I am trying to send mail directly to a destination.]

      You have to use a fallback relay setting that sends the mail to a second
      Postfix instance on your machine, and have that instance send all mail
      to the relay, with sender-dependent authentication.

      smtp_fallback_relay=[127.0.0.1]:10035

      This would be a full Postfix instance, not just another master.cf entry:

      http://www.postfix.org/MULTI_INSTANCE_README.html

      --
      Viktor.
    • Rich Wales
      ... With all possible respect, Wietse, I believe I already provided ample concrete detail in my original message from last night. If you would prefer to
      Message 2 of 10 , May 2, 2011
      • 0 Attachment
        > There is a lot of "did not work" without concrete detail: actual
        > configuration, actual error responses. See my response in a recent
        > thread: . . .

        With all possible respect, Wietse, I believe I already provided ample
        concrete detail in my original message from last night. If you would
        prefer to simply ignore my second message (in which I tried to say
        that a possible workaround I had considered doesn't seem to work) and
        consider only my original message (perhaps ignoring the paragraph near
        the end starting with "I'm starting to ponder"), I won't object.

        Rich Wales
        richw@...
      • Rich Wales
        ... Thanks, Victor. A followup question, if I may. Briefly, can you help me understand what is going on in a situation like mine that will require the use of
        Message 3 of 10 , May 2, 2011
        • 0 Attachment
          > You have to use a fallback relay setting that sends the mail to a second
          > Postfix instance on your machine, and have that instance send all mail
          > to the relay, with sender-dependent authentication. This would be a full
          > Postfix instance, not just another master.cf entry:

          Thanks, Victor.

          A followup question, if I may. Briefly, can you help me understand what is
          going on in a situation like mine that will require the use of a second,
          completely separate Postfix instance (and precludes doing what I want to do
          in a separate master.cf entry)?

          Rich Wales
          richw@...
        • Victor Duchovni
          ... The mail must be handled by a second separately configured smtp(8) delivery agent, and therefore, must be placed in a separate queue, which requires a
          Message 4 of 10 , May 2, 2011
          • 0 Attachment
            On Mon, May 02, 2011 at 02:00:52PM -0700, Rich Wales wrote:

            > > You have to use a fallback relay setting that sends the mail to a second
            > > Postfix instance on your machine, and have that instance send all mail
            > > to the relay, with sender-dependent authentication. This would be a full
            > > Postfix instance, not just another master.cf entry:
            >
            > Thanks, Victor.
            >
            > A followup question, if I may. Briefly, can you help me understand what is
            > going on in a situation like mine that will require the use of a second,
            > completely separate Postfix instance (and precludes doing what I want to do
            > in a separate master.cf entry)?

            The mail must be handled by a second separately configured smtp(8) delivery
            agent, and therefore, must be placed in a separate queue, which requires
            a separate instance.

            If the message were handed off to the same queue-manager it would loop.

            --
            Viktor.
          • Rich Wales
            ... Ah. And, not surprisingly, when I tried to solve my problem using an alternative smtp in my master.cf, it did precisely that -- the second smtp threw the
            Message 5 of 10 , May 2, 2011
            • 0 Attachment
              > The mail must be handled by a second separately configured smtp(8)
              > delivery agent, and therefore, must be placed in a separate queue,
              > which requires a separate instance. If the message were handed off
              > to the same queue-manager it would loop.

              Ah. And, not surprisingly, when I tried to solve my problem using an
              alternative smtp in my master.cf, it did precisely that -- the second
              smtp threw the message back into the queue, and my one-and-only Postfix
              dutifully pulled it out of the queue and processed it all over again
              from scratch, leading to a loop.

              So I assume there's no way to tag messages in a single Postfix queue
              with some sort of "already processed once -- let the secondary smtp
              agent take care of this one" marker? Instead, doing this requires a
              separate Postfix instance (with its own separate queue)?

              Rich Wales
              richw@...
            • Victor Duchovni
              ... Yes, and this is no less efficient, and in fact the configuration is IMHO simpler, and mailq(1) output is more meaningful, ... -- Viktor.
              Message 6 of 10 , May 2, 2011
              • 0 Attachment
                On Mon, May 02, 2011 at 02:33:31PM -0700, Rich Wales wrote:

                > > The mail must be handled by a second separately configured smtp(8)
                > > delivery agent, and therefore, must be placed in a separate queue,
                > > which requires a separate instance. If the message were handed off
                > > to the same queue-manager it would loop.
                >
                > Ah. And, not surprisingly, when I tried to solve my problem using an
                > alternative smtp in my master.cf, it did precisely that -- the second
                > smtp threw the message back into the queue, and my one-and-only Postfix
                > dutifully pulled it out of the queue and processed it all over again
                > from scratch, leading to a loop.
                >
                > So I assume there's no way to tag messages in a single Postfix queue
                > with some sort of "already processed once -- let the secondary smtp
                > agent take care of this one" marker? Instead, doing this requires a
                > separate Postfix instance (with its own separate queue)?

                Yes, and this is no less efficient, and in fact the configuration is
                IMHO simpler, and mailq(1) output is more meaningful, ...

                --
                Viktor.
              • Rich Wales
                ... Thanks again. As it turned out, I was able to find a way to authenticate to my web hosting service s outbound SMTP server using a single username/password
                Message 7 of 10 , May 2, 2011
                • 0 Attachment
                  > Yes, and this is no less efficient, and in fact the configuration
                  > is IMHO simpler, and mailq(1) output is more meaningful, ...

                  Thanks again.

                  As it turned out, I was able to find a way to authenticate to my web
                  hosting service's outbound SMTP server using a single username/password
                  combo -- and thereby stop having to use sender-dependent authentication,
                  and thus avoid the problems which accompanied the sending of my auth
                  credentials to random servers, without needing to do anything complex.

                  For the time being, I'm happy. :-) Thanks to everyone for their help.

                  Rich Wales
                  richw@...
                Your message has been successfully submitted and would be delivered to recipients shortly.