allow authenticated relaying on port 25
Gavin McCullagh
gavin.mccullagh at gcd.ie
Tue Aug 3 11:31:50 CEST 2010
On Tue, 03 Aug 2010, Gavin McCullagh wrote:
> we're using postfix 2.2.3. We need to allow postfix to accept and relay
> email to authenticated users from the 'net on port 25. How is this done?
To give a little more detail on this, we have users who roam both on and
off the campus and therefore have smtp authentication set up for them.
With our old Kolab (v1) setup, most users were connecting on port 25,
authenticating and were able to have email relayed for them. We had
started moving users to port 587 for this purpose, but not all have.
We enabled submission on port 587 by adding this to the master.cf template:
# added by GavinMc
@@@bind_addr@@@:submission inet n - n - - smtpd
-o smtpd_enforce_tls=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
This works fine, but we haven't moved all clients to port 587 so I'd like
to enable auth on port 25 and allow people to connect
On the new Kolab setup, SASL auth from the outside world doesn't appear to
work. Internal hosts are part of mynetworks, so they're okay.
My android phone works fine on port 587. On port 25, the phone tells me
(if I have TLS on) that my outgoing server does not support TLS. If I set
the security type to "none", I get the error "your outgoing server does not
support TLS".
This is surprising, as if I telnet to port 25 from the 'net and run ehlo, I
get:
ehlo gavin
250-paidi.gcd.ie
250-PIPELINING
250-SIZE 20971520
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
Anyone know what's going on here?
Gavin
More information about the users
mailing list