Hi Paul,
thanks for the information last week and today. I was/am quite busy and couldn't reply earlier.
On 21.03.24 16:04, paul@virtuadv.com wrote:
It took me a while to understand that smtpd parameters affect both incoming and outgoing mail, and in my case, they need to be different. I needed to override the parameters from main.cf.
In case someone is having similar issues, I was able to fix my in/out mails by changing the following in master.cf:
# port 25 incoming mail from other servers smtp inet n - y - - smtpd -v -o smtpd_relay_restrictions=defer_unauth_destination -o smtpd_recipient_restrictions=permit_auth_destination,reject # port 587 outgoing mail from thunderbird client submission inet n - y - - smtpd -v -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated -o smtpd_helo_restrictions= -o smtpd_relay_restrictions=permit_sasl_authenticated,reject -o smtpd_recipient_restrictions=permit_sasl_authenticated
just in case you're interested in, here's a snippet of my master.cf:
# ========================================================================== # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (no) (never) (100) # ========================================================================== smtp inet n - y - - smtpd
[...]
################################################################################## ### ### STARTTLS, port 587 ### submission inet n - y - - smtpd -o syslog_name=postfix/submission -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_sasl_type=dovecot -o smtpd_sasl_path=private/auth -o smtpd_sasl_security_options=noanonymous -o broken_sasl_auth_clients=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject -o smtpd_relay_restrictions=reject_non_fqdn_recipient,reject_unknown_recipient_domain,permit_sasl_authenticated,reject
################################################################################## ### ### SMTPS, port 465 ### smtps inet n - y - - smtpd -o syslog_name=postfix/smtps -o smtpd_tls_wrappermode=yes -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_sasl_type=dovecot -o smtpd_sasl_path=private/auth -o smtpd_sasl_security_options=noanonymous -o broken_sasl_auth_clients=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject -o smtpd_relay_restrictions=reject_non_fqdn_recipient,reject_unknown_recipient_domain,permit_sasl_authenticated,reject
[...]
In my case all the restrictions for port 25 are in main.cf. And in general I don't offer client authentication on port 25 but use it only for mail transfer from/to other MTAs.
Two questions:
Did you get your sending problem to yahoo/gmail solved?
What's exactly the problem with this?:
Now I am trying to get postfix/dovecot to get my internal mail from/to postmaster & root. Right now I have this in my file 'aliases':postmaster: root
Your /etc/aliases looks good. Are there any errors while sending/receiving mails to/for these aliases? What does not work and in which cases?
Best regards, Markus