Loading ...
Sorry, an error occurred while loading the content.

Re: questions about functions in postfix

Expand Messages
  • Viktor Dukhovni
    ... You re not paying attention: smtpd != smtp ... You re still not paying attention: smtpd != smtp ... That attention thing is a real problem... ...
    Message 1 of 11 , Feb 7, 2013
    • 0 Attachment
      On Thu, Feb 07, 2013 at 09:34:00PM +0100, deconya wrote:

      > > > smtp_sasl_auth_enable = no
      > >
      > > You've disabled SASL.
      >
      > In main.cf appears
      >
      > smtpd_sasl_auth_enable = yes, why can appear no?

      You're not paying attention:

      "smtpd" != "smtp"

      > > > smtp_sasl_password_maps = hash:/etc/postfix/relay_passwd
      > >
      > > In this table the lookup key should be the verbatim setting of
      > > relayhost:
      > >
      > > [smtp.puc.rediris.es] user:pass
      > >
      > > > smtp_sasl_security_options = noplaintext, noanonymous
      > > > smtp_sasl_tls_security_options = $smtp_sasl_security_options
      > > > smtp_sasl_tls_verified_security_options =
      >
      > Other strange rule, I have
      >
      > smtpd_sasl_security_options = noanonymous

      You're still not paying attention:

      "smtpd" != "smtp"

      > > > smtp_tls_CAfile =
      > > > smtp_tls_CApath =
      > >
      > > How do you expect to verify the peer certificate? And without
      > > verification, how do you expect to authenticate?
      >
      > This rules are misspelled? I have this in main.cf
      >
      > smtpd_tls_key_file = /etc/ssl/private/server_key.pem
      > smtpd_tls_cert_file = /etc/ssl/server.crt
      > smtpd_tls_CAfile = /etc/ssl/TERENASSL_PATH.pem

      That attention thing is a real problem...

      > > > smtp_tls_enforce_peername = yes
      > > > smtp_use_tls = no
      > > > smtp_tls_security_level =
      > >
      > > The first two settings are obsolete. Set "smtp_tls_security_level = secure"
      > > or at least "may" (and then enforce TLS for the relay via the policy table).
      > >
      > >> smtp_tls_loglevel = 0
      >
      > I have
      >
      > smtpd_tls_loglevel = 2

      Broken record...

      --
      Viktor.
    • deconya
      Hi Well, thanks to advise me about the diference. But how I can change it? I understand taht all my rules are misspelled and I need to correct all of this with
      Message 2 of 11 , Feb 7, 2013
      • 0 Attachment
        Hi

        Well, thanks to advise me about the diference. But how I can change it?

        I understand taht all my rules are misspelled and I need to correct all
        of this with smtp_ ?

        Thanks for your time and patience :-)

        El 07/02/13 23:03, Viktor Dukhovni escribió:
        > On Thu, Feb 07, 2013 at 09:34:00PM +0100, deconya wrote:
        >
        >>>> smtp_sasl_auth_enable = no
        >>> You've disabled SASL.
        >> In main.cf appears
        >>
        >> smtpd_sasl_auth_enable = yes, why can appear no?
        > You're not paying attention:
        >
        > "smtpd" != "smtp"
        >
        >>>> smtp_sasl_password_maps = hash:/etc/postfix/relay_passwd
        >>> In this table the lookup key should be the verbatim setting of
        >>> relayhost:
        >>>
        >>> [smtp.puc.rediris.es] user:pass
        >>>
        >>>> smtp_sasl_security_options = noplaintext, noanonymous
        >>>> smtp_sasl_tls_security_options = $smtp_sasl_security_options
        >>>> smtp_sasl_tls_verified_security_options =
        >> Other strange rule, I have
        >>
        >> smtpd_sasl_security_options = noanonymous
        > You're still not paying attention:
        >
        > "smtpd" != "smtp"
        >
        >>>> smtp_tls_CAfile =
        >>>> smtp_tls_CApath =
        >>> How do you expect to verify the peer certificate? And without
        >>> verification, how do you expect to authenticate?
        >> This rules are misspelled? I have this in main.cf
        >>
        >> smtpd_tls_key_file = /etc/ssl/private/server_key.pem
        >> smtpd_tls_cert_file = /etc/ssl/server.crt
        >> smtpd_tls_CAfile = /etc/ssl/TERENASSL_PATH.pem
        > That attention thing is a real problem...
        >
        >>>> smtp_tls_enforce_peername = yes
        >>>> smtp_use_tls = no
        >>>> smtp_tls_security_level =
        >>> The first two settings are obsolete. Set "smtp_tls_security_level = secure"
        >>> or at least "may" (and then enforce TLS for the relay via the policy table).
        >>>
        >>>> smtp_tls_loglevel = 0
        >> I have
        >>
        >> smtpd_tls_loglevel = 2
        > Broken record...
        >
      • Viktor Dukhovni
        ... When configuring the Postfix SMTP client set the parameters documented to work with smtp(8) and not those documented to work with smtpd(8). Don t confuse
        Message 3 of 11 , Feb 7, 2013
        • 0 Attachment
          On Thu, Feb 07, 2013 at 11:08:11PM +0100, deconya wrote:

          > Well, thanks to advice me about the diference. But how I can change it?

          When configuring the Postfix SMTP client set the parameters documented
          to work with smtp(8) and not those documented to work with smtpd(8).

          Don't confuse the two sets of parameters. When sending mail via a relay
          host none of the "smtpd_..." parameters apply, they are relevant only
          when receiving mail.

          --
          Viktor.
        • deconya
          Hi Viktor Thanks for all, at now Im with other problema, how to config CA file in postfix using Comodo certificates but is other thread :-) THanks ... De:
          Message 4 of 11 , Feb 8, 2013
          • 0 Attachment
            Hi Viktor

            Thanks for all, at now Im with other problema, how to config CA file in postfix using Comodo certificates but is other thread :-)

            THanks

            -----Mensaje original-----
            De: Viktor Dukhovni <postfix-users@...>
            Reply-to: postfix-users@...
            Para: postfix-users@...
            Asunto: Re: questions about functions in postfix
            Fecha: Fri, 8 Feb 2013 02:29:43 +0000

            On Thu, Feb 07, 2013 at 11:08:11PM +0100, deconya wrote: > Well, thanks to advice me about the diference. But how I can change it? When configuring the Postfix SMTP client set the parameters documented to work with smtp(8) and not those documented to work with smtpd(8). Don't confuse the two sets of parameters. When sending mail via a relay host none of the "smtpd_..." parameters apply, they are relevant only when receiving mail.
          Your message has been successfully submitted and would be delivered to recipients shortly.