On 11/01/2012 10:33, Benjamin Hackl wrote:
$ cat /etc/postfix/main.cf myorigin=yourdomain.com relayhost=your.smarthost.com smtp_sasl_auth_enable=yes ## you probably want to limit how postfix authenticates # smtp_sasl_security_options=noanonymous # smtp_sasl_mechanism_filter=login smtp_sasl_password_maps=hash:/etc/postfix/relay_password ## if something doesn't work and you need detailed(!!) logs #debug_peer_list=your.smarthost.com #debug_peer_level=3 smtp_use_tls=yes #inet_interfaces = loopback-only #local_transport = error: disabled unknown_local_recipient_reject_code = 450
This is very much nearly what I got to. Note though that outbound port 25 is blocked, but my smarthost listens on the submission port as well if auth is used. So my relayhost line says:
relayhost=my.smarthost.com:587
On my relayhost maillog I can see the connection appears, but mails are bounced with:
530 5.7.0 Authentication required (in reply to MAIL FROM command)
$ cat /etc/postfix/relay_password your.smarthost.com yourusername:yourpassword
I have tried my.smarthost.com username:password
and
[my.smarthost.com]:587 username:password
and
my.smarthost.com:587 username:password
With various entries in main.cf to co-incide with these... (and remembering to run postmap each time).
$ postmap /etc/postfix/relay_password $ service postfix reload
You can check out the commented option in the man pages or http://www.postfix.org/postconf.5.html if you're interested later/have some spare time/if it doesn't work ;-)
The line I get in the logs on my smarthost is:
Jan 11 18:31:35 gate sendmail[17441]: STARTTLS=server, relay=188.29.xxx.xxx.threembb.co.uk [188.29.xxx.xxx], version=TLSv1/SSLv3, verify=NO, cipher=DHE-RSA-AES256-SHA, bits=256/256
The mail just bounces back to the sender, nothing else on the smarthost logs.