search for: smtpd_sasl_security_options

Hi Jacky, in postfix/main.cf you typically set something like smtpd_sasl_auth_enable=yes smtpd_sasl_type=cyrus smtpd_sasl_exceptions_networks=$mynetworks smtpd_sasl_security_options=noanonymous smtpd_sasl_authenticated_header=yes broken_sasl_auth_clients=yes smtpd_recipient_restrictions=permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination smtpd_recipient_restrictions might already exist in main.cf and in that case has to be extended postfix can verify login/...

On Wed, 9 Jan 2019 at 13:09, Jacky <jacky at jesstech.com> wrote: > Hi Gerald, > > in my postfix/main.cf > > smtpd_sasl_authenticated_header = yes > smtpd_sasl_security_options = noanonymous > smtpd_sasl_local_domain = $myhostname > smtpd_sasl_type = dovecot > smtpd_sasl_path = /var/run/dovecot/auth-client > broken_sasl_auth_clients = yes > > I am already using dovecot for SASL > > The dovecot submission service authenticates users and already adde...

...nknown_recipient_domain, reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_authenticated_header = yes smtpd_sasl_exceptions_networks = smtpd_sasl_local_domain = $myhostname smtpd_sasl_path = private/dovecot-auth smtpd_sasl_security_options = noanonymous smtpd_sasl_tls_security_options = $smtpd_sasl_security_options smtpd_sasl_type = dovecot Any ideas? Thanks for the response. - Rene

...d,reject_unauth_destination smtpd_relay_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_authenticated_header = no smtpd_sasl_exceptions_networks = smtpd_sasl_local_domain = $myhostname smtpd_sasl_path = inet:localhost:7425 smtpd_sasl_security_options = noanonymous smtpd_sasl_service = smtp smtpd_sasl_tls_security_options = $smtpd_sasl_security_options smtpd_sasl_type = dovecot #### #### DOVECONF #### > doveconf -n # 2.3.1 (8e2f634): /etc/dovecot/dovecot.conf # Pigeonhole version 0.5.1 (d9bc6dfe) # OS: Linux 4.12.14-lp150.12.19-default x...

...ges to get to use mysql instead of Postgresql ? Also i dont know if u all can help.. but i have tried to do : SASL2 authentication configuration in main.cf(Postfix): smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous smtpd_sasl_local_domain = domain.org smtp_sasl_auth_enable = no And when i start postfix with these settings i get an error saying"invlaid boolean" .. can anyone help ? Regards, Andre

Dear All, I've installed Postfix 2.7.0 and Dovecot 1.2.9 on Ubuntu 10.04. I want to use Dovecot SASL with Postfix and did the following configuration. main.cf smtpd_sasl_auth_enable = yes smtpd_sasl_type = dovecot smtpd_sasl_path = private/dovecot-auth smtpd_sasl_authenticated_header = yes smtpd_sasl_security_options = noanonymous smtpd_sasl_local_domain = $myhostname broken_sasl_auth_clients = yes smtpd_recipient_restrictions = reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination /etc/dovecot/auth.d/01...

...tion_recipient_limit = 1 # ---------------------- VIRTUAL DOMAINS END ---------------------- # ---------------------- SASL PART START ---------------------- smtpd_sasl_auth_enable????????? = yes smtpd_recipient_restrictions = permit_mynetworks, ? permit_sasl_authenticated, reject_unauth_destination smtpd_sasl_security_options???? = noanonymous broken_sasl_auth_clients??????? = yes smtpd_sasl_type???????????????? = dovecot smtpd_sasl_path = /var/spool/postfix/private/auth smtpd_sasl_application_name = smtpd # ---------------------- SASL PART END ---------------------- smtpd_soft_error_limit = 10 smtpd_hard_error_limit =...

Hello, I'm trying to configure postfix + Dovecot SASL for user authenticated mail relay. I set following configuration on postfix queue_directory = /var/spool/postfix smtpd_sasl_auth_enable = yes smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth smtpd_sasl_authenticated_header = yes smtpd_sasl_security_options = noanonymous smtpd_sasl_local_domain = $myhostname broken_sasl_auth_clients = yes smtpd_recipient_restrictions = reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination Following are dovecot...

...ry = /etc/postfix/sample sendmail_path = /usr/sbin/sendmail setgid_group = postdrop smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = $mydomain smtpd_sasl_path = /var/run/dovecot/auth-client smtpd_sasl_security_options = noanonymous smtpd_sasl_tls_security_options = $smtpd_sasl_security_options smtpd_sasl_type = dovecot smtpd_tls_auth_only = yes smtpd_tls_cert_file = /etc/ssl/private/server.crt smtpd_tls_key_file = /etc/ssl/private/server.key smtpd_tls_loglevel = 1 transport_maps = hash:/etc/postfix/transport unk...

...gt;> On Wed, 9 Jan 2019 at 13:09, Jacky <jacky at jesstech.com >> <mailto:jacky at jesstech.com>> wrote: >> >> Hi Gerald, >> >> in my postfix/main.cf <http://main.cf> >> >> smtpd_sasl_authenticated_header = yes >> smtpd_sasl_security_options = noanonymous >> smtpd_sasl_local_domain = $myhostname >> smtpd_sasl_type = dovecot >> smtpd_sasl_path = /var/run/dovecot/auth-client >> broken_sasl_auth_clients = yes >> >> I am already using dovecot for SASL >> >> The dovecot...

Hi Gerald, in my postfix/main.cf smtpd_sasl_authenticated_header = yes smtpd_sasl_security_options = noanonymous smtpd_sasl_local_domain = $myhostname smtpd_sasl_type = dovecot smtpd_sasl_path = /var/run/dovecot/auth-client broken_sasl_auth_clients = yes I am already using dovecot for SASL The dovecot submission service authenticates users and already added the AUTH= parameter in the MAIL FRO...

...en postfix and dovecot and is not facing clients directly, so there is no way to keep persistent connections by client ip. # POSTFIX smtpd_sasl_auth_enable = yes smtpd_sasl_authenticated_header = yes smtpd_sasl_exceptions_networks = smtpd_sasl_local_domain = smtpd_sasl_path = inet:127.0.0.1:20025 smtpd_sasl_security_options = noanonymous smtpd_sasl_tls_security_options = $smtpd_sasl_security_options smtpd_sasl_type = dovecot # HAPROX frontend postfix-sasl bind 127.0.0.1:20025 default_backend dovecot-auth backend dovecot-auth mode tcp option tcplog option srvtcpka hash-type cons...

...h:/etc/postfix/roleaccount_exceptions, reject_invalid_hostname, check_helo_access pcre:/etc/postfix/helo_checks, reject_rbl_client sbl-xbl.spamhaus.org, permit smtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_sender smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous broken_sasl_auth_clients = yes tls_random_exchange_name = /var/spool/postfix/prng_exch smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth smtpd_use_tls = yes smtpd_tls_security_level = may smtpd_tls_auth_only = yes smtpd_tls_key_file = /etc/pki/tls/private/ssl.key.private.decryp...

...failed or bad record mac #Apr 25 14:08:51 serwer-1 dovecot: imap-login: Error: SSL: Stacked error: error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared cipher When I setup in postfix main.cf file (other lines default): tls_ssl_options = no_ticket, no_compression tls_preempt_cipherlist = yes smtpd_sasl_security_options=noanonymous,noplaintext smtpd_sasl_tls_security_options=noanonymous,noplaintext smtpd_tls_mandatory_ciphers = high smtpd_tls_dh1024_param_file = /etc/postfix/dh2048.pem #instead of below I tried smtpd_tls_mandatory_exclude_ciphers but I don't know what should be setup smtpd_tls_exclude_ciphers...

...ny of the available authentication methods." Similar case like - http://archives.neohapsis.com/archives/postfix/2008-09/thread.html#145 I tried everything, the config is like described in Postfix and Dovecot sites - http://wiki.dovecot.org/HowTo/PostfixAndDovecotSASL I also tried in main.cf smtpd_sasl_security_options =forward_secrecy like described in http://www.postfix.org/postconf.5.html#smtpd_sasl_security_options But none helped. So I switched back to Cyrus-sasl and Entourage works well like before with sendmail. I started to search what may be the reason, and seems with Dovecot sasl Postfix wont adverti...

One of my accounts was having login failures when trying to send mail, but was able to check mail. I tried everything I could think of to see what the issue might be, but eventually went in and reset the password in the sql database (I knew the password, so I reset it to the same password). {SHA256-CRYPT}$5$VuS? {SHA256-CRYPT}$5$VI7? So the password was updated properly. Clients can still

.../README_FILES sample_directory = /usr/share/doc/postfix-2.6.6/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_path = private/auth smtpd_sasl_security_options = noanonymous smtpd_sasl_type = dovecot smtpd_tls_auth_only = yes smtpd_tls_cert_file = /etc/pki/tls/certs/mail_the10thfloor_com.crt smtpd_tls_key_file = /etc/pki/tls/private/mail_the10thfloor_com-nopass.key smtpd_tls_security_level = may soft_bounce = no tls_random_source = dev:/dev/urandom unknow...

...rictions = reject_invalid_helo_hostname smtpd_recipient_restrictions = reject_unknown_recipient_domain, reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = $myhostname smtpd_sasl_path = private/auth smtpd_sasl_security_options = noanonymous smtpd_sasl_tls_security_options = $smtpd_sasl_security_options smtpd_sasl_type = dovecot smtpd_tls_CAfile = /etc/ssl/certs/ca-certificates.crt smtpd_tls_cert_file = /etc/ssl/certs/postfix.pem smtpd_tls_key_file = /etc/ssl/private/postfix.key smtpd_tls_loglevel = 1 smtpd_tls_received_h...

...ail_path = /usr/sbin/sendmail setgid_group = postdrop smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_exceptions_networks = $mynetworks smtpd_sasl_local_domain = $myhostname smtpd_sasl_path = private/auth smtpd_sasl_security_options = noanonymous smtpd_sasl_type = dovecot smtpd_tls_CAfile = /etc/postfix/ssl/smtpd.pem smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.pem smtpd_tls_key_file = /etc/postfix/ssl/smtpd.pem smtpd_tls_loglevel = 1 smtpd_tls_session_cache_timeout = 3600s unknown_local_recipient_reject_code = 550 virtual_mai...

...oup = postdrop smtp_generic_maps = hash:/etc/postfix/generic smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfix/access, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_unlisted_recipient smtpd_sasl_auth_enable = yes smtpd_sasl_path = private/auth smtpd_sasl_security_options = noanonymous smtpd_sasl_type = dovecot unknown_local_recipient_reject_code = 550 --------------------------------------------------------------- -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.