View Single Post
  #44  
Old 13th May 2008, 18:33
Challenger Challenger is offline
Junior Member
 
Join Date: Apr 2008
Posts: 19
Thanks: 5
Thanked 1 Time in 1 Post
Default

Hi Falko, and thanks again.

/etc/postfix/sasl/smtpd.conf contains:

--------------------------------------
pwcheck_method: saslauthd
mech_list: plain login
-----------------------------------------

/etc/default/saslauthd contains:

-------------------------------------
# This needs to be uncommented before saslauthd will be run automatically
# START=yes

# You must specify the authentication mechanisms you wish to use.
# This defaults to "pam" for PAM support, but may also include
# "shadow" or "sasldb", like this:
# MECHANISMS="pam shadow"

# MECHANISMS="pam"
# PARAMS="-m /var/spool/postfix/var/run/saslauthd -r"

# Falko's settings below
#
# Settings for saslauthd daemon
#

# Should saslauthd run automatically on startup? (default: no)

START=yes

# Which authentication mechanisms should saslauthd use? (default: pam)
#
# Available options in this Debian package:
# getpwent -- use the getpwent() library function
# kerberos5 -- use Kerberos 5
# pam -- use PAM
# rimap -- use a remote IMAP server
# shadow -- use the local shadow password file
# sasldb -- use the local sasldb database file
# ldap -- use LDAP (configuration is in /etc/saslauthd.conf)
#
# Only one option may be used at a time. See the saslauthd man page
# for more information.
#
# Example: MECHANISMS="pam"
MECHANISMS="pam"

# Additional options for this mechanism. (default: none)
# See the saslauthd man page for information about mech-specific options.
MECH_OPTIONS=""

# How many saslauthd processes should we run? (default: 5)
# A value of 0 will fork a new process for each connection.
THREADS=5

# Other options (default: -c)
# See the saslauthd man page for information about these options.
#
# Example for postfix users: "-c -m /var/spool/postfix/var/run/saslauthd"
# Note: See /usr/share/doc/sasl2-bin/README.Debian
OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd -r"
------------------------------------------------------------------


/etc/postfix/main.cf contrains:

-------------------------------------------------------------------------
# See /usr/share/postfix/main.cf.dist for a commented, more complete version


# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

# TLS parameters [Falko: these just happen to be where my (self-generated) certs are. TLS has worked before]
smtpd_tls_cert_file = /etc/apache2/ssl.crt
# Following line added by Andy
smtpd_tls_key_file = /etc/apache2/ssl.key
# Following line added by Andy
# smtpd_tls_key_file=/etc/ssl/certs/smtpd.key
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname = pooh.boul.net
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
home_mailbox = Maildir/
mydestination = pooh.boul.net, localhost.pooh.boul.net, localhost.boul.net, localhost
relayhost =
mynetworks = 127.0.0.0/8, 192.168.1.0/24
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
smtpd_sasl_local_domain =
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_CAfile = /etc/ssl/certs/ca.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
maximal_queue_lifetime = 1d
relayhost = outbound.mailhop.org:2525
smtpd_helo_required = yes
delay_warning_time = 1

# Following lines to end added by Andy
# smtp_sasl_password_maps=hash:/etc/postfix/sasl_passwd


# force authentication
# smtp_sasl_security_options = noanonymous
# be courteous ! (optional)
# smtp_helo_name = pooh.boul.net
# identify yourself (optional)
# smtpd_banner = Pooh Boul Mail

# maximal_queue_lifetime = 1d
# mydomain = pooh.boul.net
# myorigin = pooh.boul.net
# mydestination = pooh.boul.net, localhost.pooh.boul.net, localhost.boul.net, localhost
# home_mailbox = Maildir/

# relayhost = outbound.mailhop.org:2525
# smtpd_delay_reject = no
# smtpd_sender_restrictions = hash:/etc/postfix/access, reject_unknown_sender_domain
# smtpd_recipient_restrictions = permit_mynetworks, check_client_access hash:/etc/postfix/access, reject_unauth_destination
# smtpd_helo_required = yes
# relay_domains = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, permit_inet_interfaces
# hash_queue_depth = 3
# delay_warning_time = 1
---------------------------------------------------------------------

You can see there is a lot I have tried in main.cf, but I have commented out everything not in the tutorial.

Thanks again for your help,

Andy
Reply With Quote