smtp-AUTH :relay access denied

I have solved the problem with smtp -auth. ( relay access denied ) and thought i would share my configuration the with those who are facing similar issues My system is FC4 and i wanted a basic requirement of system users on my mail server ( only one domain ) . setting up of postfix in this case is pretty easy but smth-AUTH as major problem. Here are some of my tips and configuration files i sued to authenticate users through PAM instead of the /etc/shadow . { note: for to users authenticate r through /etc/shadow you would need to allow postfix have read permission to the /etc/shadow file , which would be a security risk by default /etc/shadow is 400 }

the testsaslauthd is a command to check is system user authenticate testsaslauthd -u testpostfix -p testpostfix

vi /etc/sysconfig/saslauthd # Directory in which to place saslauthd's listening socket, pid file, and so # on. This directory must already exist. SOCKETDIR=/var/run/saslauthd # Mechanism to use when checking passwords. Run "saslauthd -v" to get a list # of which mechanism your installation was compiled to use. MECH="PAM" # Additional flags to pass to saslauthd on the command line. See saslauthd(8) # for the list of accepted flags. FLAGS=

vi /usr/lib/sasl2/smtpd.conf

pwcheck_method: saslauthd mech_list: PLAIN LOGIN

[root@server227 ~]# rpm -qa grep cyrus cyrus-sasl-2.1.20-6 cyrus-sasl-plain-2.1.20-6 cyrus-sasl-sql-2.1.20-6 cyrus-sasl-md5-2.1.20-6 cyrus-sasl-devel-2.1.20-6 cyrus-sasl-gssapi-2.1.20-6 cyrus-sasl-ntlm-2.1.20-6

vi main.cf

enable_server_options = yes smtpd_sasl2_auth_enable = yes smtpd_sasl_auth_enable = yes smtpd_sasl_path = smtpd smtpd_sasl_application_name = smtpd smtpd_sasl_security_options = noanonymous smtpd_sasl_authenticated_header = yes smtpd_sasl_local_domain = broken_sasl_auth_clients = yes server_enabled = 1 smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_relay_domains

telnet ipaddress 25

220 mail.foostor.com ESMTP Postfix ehlo localhost 250-mail.foostor.com 250-PIPELINING 250-SIZE 10240000 250-VRFY 250-ETRN 250-AUTH LOGIN PLAIN 250-AUTH=LOGIN PLAIN 250 8BITMIME

You can alo check the mynetwork_style = subnet and it should work

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Other Articles

Enter your email address: