From: Michael on 11 Jan 2010 02:44 As follows smtpd_recipient_restrictions = reject_invalid_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, check_recipient_access hash:/etc/postfix/access, permit_mynetworks, reject_authenticated_sender_login_mismatch mysql:/etc/postfix/mysql-sender-access.cf reject_unauth_destination mysql-sender-access.cf hosts = localhost user = USER password = PASS dbname = system query = SELECT username FROM mailboxes WHERE email='%s' AND active='1' The error returned is: RECEIVER ADDRESS (The server responded: "5.7.1 <SENDER ADDRESS>: Sender address rejected: not owned by user SASL USER") What;s going on? Running the query directly against the SQL database returns the desired result.
From: Barney Desmond on 11 Jan 2010 11:11 2010/1/11 Michael <pfml(a)nettrust.co.nz>: > As follows > > smtpd_recipient_restrictions = > ... > Â Â Â Â check_recipient_access hash:/etc/postfix/access, > Â Â Â Â permit_mynetworks, > Â Â reject_authenticated_sender_login_mismatch > mysql:/etc/postfix/mysql-sender-access.cf > Â Â Â Â reject_unauth_destination > ... > RECEIVER ADDRESS (The server responded: "5.7.1 <SENDER ADDRESS>: Sender > address rejected: not owned by user SASL USER") > > What;s going on? Running the query directly against the SQL database returns > the desired result. I've not used this function before myself, but my reading of the docs indicates you might've misinterpreted the correct usage. I hopped through these three in order: http://www.postfix.org/postconf.5.html#reject_authenticated_sender_login_mismatch http://www.postfix.org/postconf.5.html#reject_sender_login_mismatch http://www.postfix.org/postconf.5.html#smtpd_sender_login_maps You haven't posted the output of `postconf -n`, so I don't know if your settings are correct, but I suspect you're needing something like: smtpd_recipient_restrictions = reject_invalid_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, check_recipient_access hash:/etc/postfix/access, permit_mynetworks, reject_authenticated_sender_login_mismatch, reject_unauth_destination smtpd_sender_login_maps = mysql:/etc/postfix/mysql-sender-access.cf reject_authenticated_sender_login_mismatch doesn't take a type:table mapping, it just makes use of one defined elsewhere.
From: mouss on 11 Jan 2010 17:58 Michael a �crit : > As follows > > smtpd_recipient_restrictions = > reject_invalid_hostname, > reject_non_fqdn_sender, > reject_non_fqdn_recipient, > reject_unknown_sender_domain, > reject_unknown_recipient_domain, > reject_unauth_pipelining, useless. RCPT TO is an "asynchronous" command, so there is no "unauth_pipelining" at this stage. read the pipelining RFC for more. > check_recipient_access hash:/etc/postfix/access, Avoid check_foo_access before reject_unauth_destination. an error will make you an open relay. what are you tryng to do with that? > permit_mynetworks, > reject_authenticated_sender_login_mismatch > mysql:/etc/postfix/mysql-sender-access.cf As Barney pointed out, errax syntor (syntax error). you want something like: smtpd_sender_login_maps = mysql:/etc/postfix/mysql-sender-access.cf smtpd_sender_restrictions = reject_authenticated_sender_login_mismatch (there's no point polluting smtpd_recipient_restrictions with this). PS. next time, show output of 'postconf -n' instead of personally selected main.cf snippets. > [snip]
|
Pages: 1 Prev: Tie a mail with log files? Next: TLS - Certificate not Trusted |