Postfix or SASL Port failure ( TLS Support )
Paul Schmehl
pauls at utdallas.edu
Wed Mar 16 15:33:18 PST 2005
--On Wednesday, March 16, 2005 11:04:12 PM +0100 José Nicolás Castellano
<jncastellano at noconname.org> wrote:
>
> Ok, but now i want to send without tls, son this don't works.
Postfix will not relay by default. When you setup TLS, you are allowed to
relay through Postfix by first authenticating. If you're trying to relay
but the authentication is failing, then you need to look at *how* the
authentication is done.
First, do you have a line like this in master.cf?
smtps inet n - n - - smtpd -o
smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
If not, you won't be able to do TLS.
Do you have lines like these in main.cf?
smtpd_use_tls = yes
#smtpd_tls_auth_only = yes
smtpd_tls_key_file = /var/imap/server.pem
smtpd_tls_cert_file = /var/imap/server.pem
smtpd_tls_CAfile = /var/imap/server.pem
mtpd_tls_loglevel = 3
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
If not, you won't be able to do TLS.
Do you also have lines like this in main.cf?
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
permit_sasl_authenticated
reject_unauth_destination
reject_unauth_pipelining
If not, you won't be able to do TLS.
Do you have a file like this:
/usr/local/lib/sasl2/Sendmail.conf
with contents like this:
pwcheck_method: saslauthd auxprop
If not, you won't be able to do TLS.
I don't understand what you mean by "send without tls". Are you trying to
relay? Send from the localhost? What?
Paul Schmehl (pauls at utdallas.edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu
More information about the freebsd-ports
mailing list