Postfix or SASL Port failure ( TLS Support )

Paul Schmehl pauls at
Wed Mar 16 15:33:18 PST 2005

--On Wednesday, March 16, 2005 11:04:12 PM +0100 José Nicolás Castellano 
<jncastellano at> wrote:
> Ok, but now i want to send without tls, son this don't works.

Postfix will not relay by default.  When you setup TLS, you are allowed to 
relay through Postfix by first authenticating.  If you're trying to relay 
but the authentication is failing, then you need to look at *how* the 
authentication is done.

First, do you have a line like this in
smtps     inet  n       -       n       -       -       smtpd -o 
smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes

If not, you won't be able to do TLS.

Do you have lines like these in
smtpd_use_tls = yes
#smtpd_tls_auth_only = yes
smtpd_tls_key_file = /var/imap/server.pem
smtpd_tls_cert_file = /var/imap/server.pem
smtpd_tls_CAfile = /var/imap/server.pem
mtpd_tls_loglevel = 3
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom

If not, you won't be able to do TLS.

Do you also have lines like this in
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes

If not, you won't be able to do TLS.

Do you have a file like this:

with contents like this:
pwcheck_method: saslauthd auxprop

If not, you won't be able to do TLS.

I don't understand what you mean by "send without tls".  Are you trying to 
relay?  Send from the localhost?  What?

Paul Schmehl (pauls at
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member

More information about the freebsd-ports mailing list