[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] SuSE 9.0: postfix sasl authentikation fails



Am Freitag, 9. Januar 2004 15:21 schrieb Arjen de Korte:
> On Friday 09 January 2004 14:59, Marc Samendinger wrote:
> >  smtpd_sender_restrictions =
> >  	permit_mynetworks,
> >  	permit_sasl_authenticated,
> >  	reject
>
> You would drop virtually all incoming mail from external,
> non-authenticated users to you. I can't imagine this is what you
> want. I think the following lines may be more appropriate:
>
> smtpd_sender_restrictions =
> smtpd_recipient_restrictions =
> 	permit_mynetworks,
> 	permit_sasl_authenticated,
> 	permit_auth_destination,
> 	reject
>
> The above translates to allow all 'MAIL FROM' sender adresses, but
> only accept 'RCPT TO' adresses if the client is from 'mynetworks',
> 'sasl_authenticated' or the recipient is in the list of domains for
> which we recieve or relay mail.
>
> Best regards,
> Arjen
Of course you're absolutely right,
I was just happy I got it working.... ;-)
Thanks!
(However, my config is even more tricky: The mailserver recieves mail 
for one domain on interface eth0, passes it to spamd, gets it bak and 
delivers to an exchange server in the local net.)
Outgoing mail is all coming from eth1 (mainly from the exchange server) 
and is delivered without spam check or similar. So my config would work 
for the smtpd daemon on eth1... i guess... ;-)

Nevertheless, thanks !
-- 
Mit freundlichen Grüßen
Markus Feilner
--
Linux Solutions, Training, Seminare und Workshops - auch Inhouse
Feilner IT Linux & GIS Erlangerstr. 2 93059 Regensburg
fon: +49 941 70 65 23  - mobil: +49 170 302 709 2 
web: http://feilner-it.net mail: mfeilner@xxxxxxxxxxxxxx


--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here