[gull] postfix ESMTP TLS relaying (TOPIC 1/1)

Philippe STRAUSS philippe at strauss.pas.nu
Sat Mar 22 15:39:43 CET 2014


Arf c'est systématiquement via SASL, je mélangeais entre config certifs. clients et smtp auth.


On Sat, 22 Mar 2014 12:33:38 +0100
Felipe Gonzalez <catseye.chandra at gmail.com> wrote:

> quels sont les règles d'autorisation dans main.cf et master.cf pour
> accépter le relaying avec une config TLS propre à submission, j'ai :
> 
> # SASL : fonctionne
> 
> #smtpd_sasl_auth_enable = yes
> #smtpd_sasl_type = dovecot
> #smtpd_sasl_path = private/auth
> #smtpd_sasl_security_options = noanonymous, noplaintext
> #smtpd_sasl_tls_security_options = noanonymous
> #smtpd_sasl_local_domain = $myhostname
> #broken_sasl_auth_clients = yes
> 
> # own tls: môrche pô :
> 
> smtpd_recipient_restrictions =
>    #permit_sasl_authenticated,
>    permit_mynetworks,
>    permit_tls_clientcerts,
>    reject_unauth_destination
> 
> master.cf:
> 
> submission inet n       -       -       -       -       smtpd
>   -o syslog_name=postfix/submission
>   -o smtpd_tls_security_level=encrypt
>   #-o smtpd_sasl_auth_enable=yes
>   #-o smtpd_client_restrictions=permit_sasl_authenticated,reject
>   -o smtpd_client_restrictions=permit_tls_clientcerts,reject
> #  -o milter_macro_daemon_name=ORIGINATING
> 
> 
> 
> 
> --
> Tonya Hardening
> 
> the roof, the roof, the roof is on fire


More information about the gull mailing list