netstat -tap is showing the master process listening on port 25, and there was nothing whatsoever in the mail logs. There were definitely packets coming through, but that only served to obscure the problem. I've just come across a solution that I probably should have though of before:
Turns out port 25 was being blocked by my ISP - why it was still letting some packets through, I have no idea.
I had gotten into the habit of using webmail when I changed my home ISP and didn't notice the problem until I was past the association. My other users didn't notice it at the same time because my brother was traveling and connecting through hotspots that were not blocking that port.
The fix was to uncomment the submission configuration in master.cf and open port 587 in the firewall.
Other things I had to remember:
* Open the submission port in the firewall.
* Update the Squirrelmail configuration to use the correct port.
* Set the -o smtpd_tls_security_level=may in the master.cf submission config to allow Squirrelmail to connect without TLS, as well as external clients that may not be able to use it.
* Add the following to the master.cf submission:
* And change the smtpd_client_restrictions setting to include mynetworks.
Without these changes, I'd have had to jump through hoops to get Squirrelmail to go through the SMTP authentication as well as the IMAP authentication. Didn't seem worthwhile.
So, now I'm on to the next problem. It seems the postfix - sasl - pam - mysql authentication chain is not quite right. But at least I'm actually getting useful information there. If I can't find the solution to this one, I'll post another thread.
I hope this helps someone else avoid the frustration I went through.