Loading ...
Sorry, an error occurred while loading the content.

Re: Send email for users from any location

Expand Messages
  • Peter
    ... No, the service you re looking for is submission , not smtps . SMTPS is a deprecated means of submission and you only need it if your users are using a
    Message 1 of 8 , Jul 8, 2013
    • 0 Attachment
      On 07/09/2013 05:10 AM, Dotan Cohen wrote:
      >> on a related note, as this is for humans to send mail from their mail
      >> clients, you'll want to configure a proper submission [port 587] service.
      >> see the commented example in master.cf for a starting point. smtp auth
      >> should be offered only via the submission service, and not via mx service
      >> [port 25]. additionally, encryption should be required for submission
      >> traffic.
      >
      > Are you referring to this:
      > #smtps inet n - - - - smtpd
      > # -o syslog_name=postfix/smtps
      > # -o smtpd_tls_wrappermode=yes
      > # -o smtpd_sasl_auth_enable=yes
      > # -o smtpd_client_restrictions=permit_sasl_authenticated,reject
      > # -o milter_macro_daemon_name=ORIGINATING

      No, the service you're looking for is "submission", not "smtps". SMTPS
      is a deprecated means of submission and you only need it if your users
      are using a very old version of one particular email client in which
      case they likely have other problems.


      Peter
    • Dotan Cohen
      ... Thank you Peter. Interestingly, even after enabling submission (perhaps incorrectly, I m looking into that) I still get this in the logs when I try to send
      Message 2 of 8 , Jul 8, 2013
      • 0 Attachment
        On Mon, Jul 8, 2013 at 11:04 PM, Peter <peter@...> wrote:
        > No, the service you're looking for is "submission", not "smtps". SMTPS is a
        > deprecated means of submission and you only need it if your users are using
        > a very old version of one particular email client in which case they likely
        > have other problems.
        >

        Thank you Peter. Interestingly, even after enabling submission
        (perhaps incorrectly, I'm looking into that) I still get this in the
        logs when I try to send mail via postfix:

        11993 Jul 9 05:02:11 awsBeta postfix/smtpd[6734]: warning: hostname
        bzq-219-241-14.static.bezeqint.net does not resolve to address
        212.179.241.14: Name or service not known
        11994 Jul 9 05:02:11 awsBeta postfix/smtpd[6734]: connect from
        unknown[212.179.241.14]
        11995 Jul 9 05:02:12 awsBeta postfix/smtpd[6734]: NOQUEUE: reject:
        RCPT from unknown[212.179.241.14]: 554 5.7.1
        <dotancohen@...>: Relay access denied;
        from=<fs@...> to=<dotancohen@...> proto=ESMTP
        helo=<[10.0.0.154]>
        11996 Jul 9 05:02:14 awsBeta postfix/smtpd[6734]: disconnect from
        unknown[212.179.241.14]

        212.179.241.14 is the address where my desktop is located, and bzq-*
        obviously by the name refers to my ISP (Bezeq). It seems that even
        with submission enabled, Postfix wants the IP address whitelisted in
        "mydomains". I don't even see in the logs that Postfix bothered
        checking the submission credentials, it rejected bases on IP address
        before even getting that far.

        What else must be configured to remove the IP address whitelist and go
        right to the submission credentials check?

        Thank you for helping me learn! I've gone over these tutorials but I'm
        rather stuck:
        http://www.postfix.org/VIRTUAL_README.html
        http://wiki2.dovecot.org/HowTo/PostfixAndDovecotSASL
        https://help.ubuntu.com/community/Postfix


        --
        Dotan Cohen

        http://gibberish.co.il
        http://what-is-what.com
      • Peter
        ... This simply means that either your email client is not correctly configured to send SASL AUTH credentials, or postfix is not correctly configured to
        Message 3 of 8 , Jul 8, 2013
        • 0 Attachment
          On 07/09/2013 05:13 PM, Dotan Cohen wrote:
          > 212.179.241.14 is the address where my desktop is located, and bzq-*
          > obviously by the name refers to my ISP (Bezeq). It seems that even
          > with submission enabled, Postfix wants the IP address whitelisted in
          > "mydomains". I don't even see in the logs that Postfix bothered
          > checking the submission credentials, it rejected bases on IP address
          > before even getting that far.

          This simply means that either your email client is not correctly
          configured to send SASL AUTH credentials, or postfix is not correctly
          configured to receive them. There is more to SASL AUTH than just
          enabling submission. See http://www.postfix.org/SASL_README.html for
          more info.

          > What else must be configured to remove the IP address whitelist and go
          > right to the submission credentials check?

          You can remove permit_mynetworks if you want, there is nothing wrong
          with this, but it won't solve your problem, your problem is what I
          stated above.

          > http://www.postfix.org/VIRTUAL_README.html
          > http://wiki2.dovecot.org/HowTo/PostfixAndDovecotSASL
          > https://help.ubuntu.com/community/Postfix

          Read the SASL_README document I linked to above.


          Peter
        • Hans Spaans
          ... Firefox OS Simulator 3.0.1 still prefers, read demands it, smtps over submission sadly enough. Hopefully they fix it or some helpdesks will have a fun time
          Message 4 of 8 , Jul 9, 2013
          • 0 Attachment
            wietse@... schreef op 2013-07-08 20:36:
            > Dotan Cohen:
            >> > on a related note, as this is for humans to send mail from their mail
            >> > clients, you'll want to configure a proper submission [port 587] service.
            >> > see the commented example in master.cf for a starting point. smtp auth
            >> > should be offered only via the submission service, and not via mx service
            >> > [port 25]. additionally, encryption should be required for submission
            >> > traffic.
            >> >
            >>
            >> Are you referring to this:
            >> #smtps inet n - - - - smtpd
            >
            > I think he meant the service called "submission". "smtps" is
            > obsolete, but apparently some software still uses it.

            Firefox OS Simulator 3.0.1 still prefers, read demands it, smtps over
            submission sadly enough. Hopefully they fix it or some helpdesks will
            have a fun time after the release of their first phone.

            Hans
          Your message has been successfully submitted and would be delivered to recipients shortly.