Mailinglist Archive: opensuse (714 mails)

< Previous Next >
Re: [opensuse] Postfix/dovecot - allow relay from phone - How??
  • From: Per Jessen <per@xxxxxxxxxxxx>
  • Date: Tue, 25 Oct 2011 08:01:22 +0200
  • Message-id: <j85jbh$pp9$>
David C. Rankin wrote:

Alright, that explains the port 587 need. Done (

submission inet n - n - - smtpd
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject

Additionally I have:

-o smtpd_sasl_security_options=noanonymous
-o smtpd_etrn_restrictions=reject

When you're using TLS, plaintext auth is fine. I'm not sure exactly
what smtpd_etrn_restrictions=reject does, I think I picked that up in
the postfix documentation.

There are other ways to do the authentication bit. I've used
pop-before-smtp in the past, which is a bit clunky, but it works.

OK, I've looked at popbsmpt on sourceforge. I guess that is the way to

No real reason to - the setup above should work just fine.

What I don't get is I can relay just fine from one computer to the
next using my domains:

smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated, check_client_access
hash:/etc/postfix/client_access, reject_unauth_destination

So, I was hoping to do something similar with the phone.

Your computers are presumably inside "mynetworks", whereas your phone is
presumably not. With an external entity outside your control, I know
of no better way than sasl+tls.

I've dorked with this for a while and I'm still stumbling along. When
sending over 3G with Wifi turned off on the phone, I get errors
similar to:

Oct 24 14:37:34 nirvana postfix/smtpd[17198]: warning:
hostname verification failed:
Name or service not known

Not a real problem. It is due ""
not being mapped to "". Poor DNS setup on your providers

Oct 24 14:37:34 nirvana postfix/smtpd[17198]: connect from
unknown[] Oct 24 14:37:35 nirvana postfix/smtpd[17198]:
NOQUEUE: reject: RCPT from unknown[]: 554 5.7.1 Service
unavailable; Client host [] blocked using;;
from=<david@xxxxxxxxxxxx> to=<david@xxxxxxxxxxxxxxxxx> proto=ESMTP
helo=<[]> Oct 24 14:37:35 nirvana postfix/smtpd[17198]:
disconnect from unknown[]

So your rbl restriction kicked in instead of the
permit_sasl_authenticated - I don't see any evidence of authentication
having happened?

spamhaus killed this message so I nuked the rbl check:

#smtpd_client_restrictions = permit_sasl_authenticated,
#reject_rbl_client, reject_unknown_client
smtpd_client_restrictions = permit_sasl_authenticated,

then the error became:

Oct 24 15:06:34 nirvana postfix/smtpd[17830]: NOQUEUE: reject: RCPT
from unknown[]: 450 4.7.1 Client host rejected: cannot
find your hostname, []; from=<david@xxxxxxxxxxxx>
to=<david@xxxxxxxxxxxxxxxxx> proto=ESMTP helo=<[]>

This is due to 'reject_unknown_client'.

So I decided to go back to the drawing board and read a bit more...
Surely there is a good howto on this somewhere....

There is plenty out there - the plain postfix documentation and HOWTOs
are all pretty good, and there is also

Thanks again and if you have any other thoughts, let me know.

I suspect a problem in authentication. If you were to turn on debugging
you'd see exactly what is happening.

Per Jessen, Zürich (7.9°C)

To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx

< Previous Next >