allow authenticated relaying on port 25

Gavin McCullagh gavin.mccullagh at
Tue Aug 3 11:31:50 CEST 2010

On Tue, 03 Aug 2010, Gavin McCullagh wrote:

> we're using postfix 2.2.3.  We need to allow postfix to accept and relay
> email to authenticated users from the 'net on port 25.  How is this done?

To give a little more detail on this, we have users who roam both on and
off the campus and therefore have smtp authentication set up for them.

With our old Kolab (v1) setup, most users were connecting on port 25,
authenticating and were able to have email relayed for them.  We had
started moving users to port 587 for this purpose, but not all have.

We enabled submission on port 587 by adding this to the template:

# added by GavinMc
@@@bind_addr@@@:submission inet n  -  n   -   -   smtpd
   -o smtpd_enforce_tls=yes
   -o smtpd_sasl_auth_enable=yes
   -o smtpd_client_restrictions=permit_sasl_authenticated,reject

This works fine, but we haven't moved all clients to port 587 so I'd like
to enable auth on port 25 and allow people to connect 

On the new Kolab setup, SASL auth from the outside world doesn't appear to
work.  Internal hosts are part of mynetworks, so they're okay.

My android phone works fine on port 587.   On port 25, the phone tells me
(if I have TLS on) that my outgoing server does not support TLS.  If I set
the security type to "none", I get the error "your outgoing server does not
support TLS".

This is surprising, as if I telnet to port 25 from the 'net and run ehlo, I

	ehlo gavin
	250-SIZE 20971520
	250 DSN

Anyone know what's going on here?


More information about the users mailing list