<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
  </head>
  <body text="#000000" bgcolor="#FFFFFF">
    <p>service submission-login {<br class="">
        inet_listener submissions {<br class="">
          haproxy = no<br class="">
          port = 465<br class="">
          reuse_port = no<br class="">
          ssl = yes<br class="">
        }<br class="">
      }</p>
    <p>Shouldn't the port be 587 here?</p>
    <p>My config file looks like:</p>
    <p>service submission-login {<br>
        inet_listener submission {<br>
          #port = 587<br>
        }<br>
      }<br>
    </p>
    <p>The # comment must also mean something..<br>
    </p>
    <div class="moz-cite-prefix">On 7/27/19 3:21 PM, Jean-Daniel via
      dovecot wrote:<br>
    </div>
    <blockquote type="cite"
      cite="mid:200AB147-A245-4F8D-BCA6-F40938D3AAB9@xooloo.com">
      <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
      <br class="">
      <div><br class="">
        <blockquote type="cite" class="">
          <div class="">Le 27 juil. 2019 à 14:30, Stephan Bosch <<a
              href="mailto:stephan@rename-it.nl" class=""
              moz-do-not-send="true">stephan@rename-it.nl</a>> a
            écrit :</div>
          <br class="Apple-interchange-newline">
          <div class=""><span style="caret-color: rgb(0, 0, 0);
              font-family: Helvetica; font-size: 12px; font-style:
              normal; font-variant-caps: normal; font-weight: normal;
              letter-spacing: normal; text-align: start; text-indent:
              0px; text-transform: none; white-space: normal;
              word-spacing: 0px; -webkit-text-stroke-width: 0px;
              text-decoration: none; float: none; display: inline
              !important;" class="">On 23/07/2019 17:13, Jean-Daniel
              Dupas via dovecot wrote:</span><br style="caret-color:
              rgb(0, 0, 0); font-family: Helvetica; font-size: 12px;
              font-style: normal; font-variant-caps: normal;
              font-weight: normal; letter-spacing: normal; text-align:
              start; text-indent: 0px; text-transform: none;
              white-space: normal; word-spacing: 0px;
              -webkit-text-stroke-width: 0px; text-decoration: none;"
              class="">
            <blockquote type="cite" style="font-family: Helvetica;
              font-size: 12px; font-style: normal; font-variant-caps:
              normal; font-weight: normal; letter-spacing: normal;
              orphans: auto; text-align: start; text-indent: 0px;
              text-transform: none; white-space: normal; widows: auto;
              word-spacing: 0px; -webkit-text-size-adjust: auto;
              -webkit-text-stroke-width: 0px; text-decoration: none;"
              class="">Hello,<br class="">
              <br class="">
              I'm having trouble configuring the submission proxy.<br
                class="">
              <br class="">
              I have configured the submission service as follow:<br
                class="">
              <br class="">
              submission_host = <a href="http://smtp.example.com"
                class="" moz-do-not-send="true">smtp.example.com</a><br
                class="">
              submission_relay_host = localhost<br class="">
              submission_relay_port = 8587<br class="">
            </blockquote>
          </div>
        </blockquote>
        <br class="">
        <br class="">
        <blockquote type="cite" class="">Le 27 juil. 2019 à 14:30,
          Stephan Bosch <<a href="mailto:stephan@rename-it.nl"
            class="" moz-do-not-send="true">stephan@rename-it.nl</a>>
          a écrit :<br class="">
          <br class="">
          On 23/07/2019 17:13, Jean-Daniel Dupas via dovecot wrote:<br
            class="">
          <blockquote type="cite" class="">Hello,<br class="">
            <br class="">
            I'm having trouble configuring the submission proxy.<br
              class="">
            <br class="">
            I have configured the submission service as follow:<br
              class="">
            <br class="">
            submission_host = <a href="http://smtp.example.com"
              class="" moz-do-not-send="true">smtp.example.com</a><br
              class="">
            submission_relay_host = localhost<br class="">
            submission_relay_port = 8587<br class="">
            submission_relay_rawlog_dir = /var/log/dovecot/<br class="">
            submission_relay_trusted = yes<br class="">
            <br class="">
            My main issue is that until I login, dovecot-submission
            won't connect to the backend and query the capabilities and
            so won't report the right capabilities.<br class="">
            <br class="">
            That mean that the first EHLO message don't get the right
            capabilities list.<br class="">
            <br class="">
            "<br class="">
            EHLO <a href="http://example.com" class=""
              moz-do-not-send="true">example.com</a><br class="">
            <br class="">
            <a href="http://250-smtp.example.com" class=""
              moz-do-not-send="true">250-smtp.example.com</a><br
              class="">
            250-8BITMIME<br class="">
            250-AUTH PLAIN LOGIN<br class="">
            250-BURL imap<br class="">
            250-CHUNKING<br class="">
            250-ENHANCEDSTATUSCODES<br class="">
            250-SIZE<br class="">
            250 PIPELINING<br class="">
            "<br class="">
            <br class="">
            This list don't contains VRFY, DNS, and SIZE is not
            specified (all of these is present in backend EHLO
            response).<br class="">
            After login, if I send an new EHLO command, everything is
            properly reported. The raw log shows that unlike what the
            documentation says,<br class="">
            dovecot don't try to connect to the backend until the user
            is properly logged.<br class="">
            <br class="">
            In my raw log I show that after I logged in
            dovecot-submission, the later open a connection to the
            backend and send a X-CLIENT command.<br class="">
            <br class="">
            <br class="">
            Now, if I try to force the capabilities by using:<br
              class="">
            <br class="">
            submission_backend_capabilities = VRFY 8BITMIME DSN<br
              class="">
            <br class="">
            dovecot properly reports all SMTP capabilities in the first
            EHLO response, but it completely stops emitting X-CLIENT
            command to the backend<br class="">
            and try to simply forward the command without
            authentication, which result in postfix rejecting the
            command with an unauthorized user error.<br class="">
            <br class="">
            What is wrong with my configuration ?<br class="">
            Thanks.<br class="">
          </blockquote>
          <br class="">
          Can you send us your complete configuration (output from
          `dovecot -n`)?<br class="">
        </blockquote>
        <div class=""><br class="">
        </div>
        <div class="">Yes (see below).</div>
        <div class=""><br class="">
        </div>
        <div class="">Some additional information:</div>
        <div class=""><br class="">
        </div>
        <div class="">===============</div>
        <div class=""><br class="">
        </div>
        <div class="">When I connect directly to dovecot-submission
          using nc and send an EHLO command, I got the following result
          (the SIZE is configured in dovecot config, that’s why it is
          properly announced), but no raw_log are generated at all.</div>
        <div class=""><br class="">
        </div>
        <div class="">$ nc <a href="http://smtp.example.com" class=""
            moz-do-not-send="true">smtp.example.com</a> 587</div>
        <div class=""><br class="">
          220 <a href="http://smtp.example.com" class=""
            moz-do-not-send="true">smtp.example.com</a> Dovecot ready.<br
            class="">
          EHLO <a href="http://mydomain.com" class=""
            moz-do-not-send="true">mydomain.com</a><br class="">
          <a href="http://250-smtp.example.com" class=""
            moz-do-not-send="true">250-smtp.example.com</a><br class="">
          250-8BITMIME<br class="">
          250-AUTH <br class="">
          250-BURL imap<br class="">
          250-CHUNKING<br class="">
          250-ENHANCEDSTATUSCODES<br class="">
          250-SIZE 41943040<br class="">
          250-STARTTLS<br class="">
          250 PIPELINING<br class="">
          QUIT<br class="">
          221 2.0.0 Bye</div>
        <div class=""><br class="">
        </div>
        <div class="">===============</div>
        <div class=""><br class="">
        </div>
        <div class="">Ditto if I use openssl s_client -starttls smtp
          -crlf -connect <a href="http://smtp.example.com:587" class=""
            moz-do-not-send="true">smtp.example.com:587</a> and send the
          EHLO after STARTTLS.</div>
        <div class=""><br class="">
        </div>
        <div class="">===============</div>
        <div class=""><br class="">
        </div>
        <div class="">For the record, here is the result of a direct
          connect to postfix:</div>
        <div class=""><br class="">
        </div>
        <div class="">$ nc 127.0.0.1 8587<br class="">
          220 <a href="http://smtp.example.com" class=""
            moz-do-not-send="true">smtp.example.com</a> ESMTP Postfix<br
            class="">
          EHLO <a href="http://example.com" class=""
            moz-do-not-send="true">example.com</a><br class="">
          <a href="http://250-smtp.example.com" class=""
            moz-do-not-send="true">250-smtp.example.com</a><br class="">
          250-PIPELINING<br class="">
          250-SIZE 41943040<br class="">
          250-VRFY<br class="">
          250-ETRN<br class="">
          250-STARTTLS<br class="">
          250-AUTH PLAIN LOGIN<br class="">
          250-XCLIENT NAME ADDR PROTO HELO REVERSE_NAME PORT LOGIN
          DESTADDR DESTPORT<br class="">
          250-ENHANCEDSTATUSCODES<br class="">
          250-8BITMIME<br class="">
          250-DSN<br class="">
          250 SMTPUTF8</div>
        <div class=""><br class="">
        </div>
        <div class="">===============</div>
        <div class=""><br class="">
        </div>
        <div class="">And here is the content of the row logs when a
          mail is sent.</div>
        <div class=""><br class="">
        </div>
        <div class="">======== <a href="http://rawlog.in" class=""
            moz-do-not-send="true">rawlog.in</a></div>
        <div class=""><br class="">
        </div>
        <div class="">1564258521.813430 220 <a
            href="http://smtp.example.com" class=""
            moz-do-not-send="true">smtp.example.com</a> ESMTP Postfix<br
            class="">
          1564258521.814206 <a href="http://250-smtp.example.com"
            class="" moz-do-not-send="true">250-smtp.example.com</a><br
            class="">
          1564258521.814206 250-PIPELINING<br class="">
          1564258521.814206 250-SIZE 41943040<br class="">
          1564258521.814206 250-VRFY<br class="">
          1564258521.814206 250-ETRN<br class="">
          1564258521.814206 250-STARTTLS<br class="">
          1564258521.814206 250-AUTH PLAIN LOGIN<br class="">
          1564258521.814206 250-XCLIENT NAME ADDR PROTO HELO
          REVERSE_NAME PORT LOGIN DESTADDR DESTPORT<br class="">
          1564258521.814206 250-ENHANCEDSTATUSCODES<br class="">
          1564258521.814206 250-8BITMIME<br class="">
          1564258521.814206 250-DSN<br class="">
          1564258521.814206 250 SMTPUTF8<br class="">
          1564258521.848159 220 <a href="http://smtp.example.com"
            class="" moz-do-not-send="true">smtp.example.com</a> ESMTP
          Postfix<br class="">
          1564258521.849506 <a href="http://250-smtp.example.com"
            class="" moz-do-not-send="true">250-smtp.example.com</a><br
            class="">
          1564258521.849506 250-PIPELINING<br class="">
          1564258521.849506 250-SIZE 41943040<br class="">
          1564258521.849506 250-VRFY<br class="">
          1564258521.849506 250-ETRN<br class="">
          1564258521.849506 250-STARTTLS<br class="">
          1564258521.849506 250-AUTH PLAIN LOGIN<br class="">
          1564258521.849506 250-XCLIENT NAME ADDR PROTO HELO
          REVERSE_NAME PORT LOGIN DESTADDR DESTPORT<br class="">
          1564258521.849506 250-ENHANCEDSTATUSCODES<br class="">
          1564258521.849506 250-8BITMIME<br class="">
          1564258521.849506 250-DSN<br class="">
          1564258521.849506 250 SMTPUTF8<br class="">
          1564258521.854093 250 2.1.0 Ok<br class="">
          1564258521.909487 250 2.1.5 Ok<br class="">
          1564258521.983093 354 End data with
          <CR><LF>.<CR><LF><br class="">
          1564258522.115312 250 2.0.0 Ok: queued as DDBCCD53B</div>
        <div class=""><br class="">
        </div>
        <div class="">======== rawlog.out</div>
        <div class=""><br class="">
        </div>
        <div class="">1564258521.813739 EHLO <a
            href="http://smtp.example.com" class=""
            moz-do-not-send="true">smtp.example.com</a><br class="">
          1564258521.846054 XCLIENT HELO=[10.188.153.106] PROTO=ESMTP
          LOGIN=info PORT=47564 ADDR=46.193.33.66<br class="">
          1564258521.848701 EHLO <a href="http://smtp.example.com"
            class="" moz-do-not-send="true">smtp.example.com</a><br
            class="">
          1564258521.850122 MAIL FROM:<<a
            href="mailto:service@example.com" class=""
            moz-do-not-send="true">service@example.com</a>> AUTH=info<br
            class="">
          1564258521.889896 RCPT TO:<<a
            href="mailto:jddupas@xooloo.com" class=""
            moz-do-not-send="true">jddupas@xooloo.com</a>><br
            class="">
          1564258521.981094 DATA<br class="">
          1564258521.983757 Received: from [10.188.153.106]
          ([46.193.33.66])<br class="">
          1564258521.983757 <span class="Apple-tab-span" style="white-space: pre;">  </span>by
          <a href="http://smtp.example.com" class=""
            moz-do-not-send="true">smtp.example.com</a> with ESMTPSA<br
            class="">
          1564258521.983757 <span class="Apple-tab-span" style="white-space: pre;">  </span>id
          cSDvMtmwPF14TAAABU9jsA<br class="">
          1564258521.983757 <span class="Apple-tab-span" style="white-space: pre;">  </span>(envelope-from
          <<a href="mailto:service@example.com" class=""
            moz-do-not-send="true">service@example.com</a>>)<br
            class="">
          1564258521.983757 <span class="Apple-tab-span" style="white-space: pre;">  </span>for
          <<a href="mailto:jddupas@xooloo.com" class=""
            moz-do-not-send="true">jddupas@xooloo.com</a>>; Sat, 27
          Jul 2019 22:15:21 +0200<br class="">
          1564258521.984065 From: Jean-Daniel Dupas <<a
            href="mailto:service@example.com" class=""
            moz-do-not-send="true">service@example.com</a>><br
            class="">
          1564258521.984065 Content-Type: text/plain<br class="">
          1564258521.984065 Content-Transfer-Encoding: 7bit<br class="">
          1564258521.984065 Mime-Version: 1.0 (Mac OS X Mail 12.4
          \(3445.104.11\))<br class="">
          1564258521.984065 Subject: Send test<br class="">
          1564258521.984065 Message-Id: <<a
            href="mailto:827EAD17-6C27-4BDF-AD94-F106E37745C1@example.com"
            class="" moz-do-not-send="true">827EAD17-6C27-4BDF-AD94-F106E37745C1@example.com</a>><br
            class="">
          1564258521.984065 Date: Sat, 27 Jul 2019 22:15:19 +0200<br
            class="">
          1564258521.984065 To: Jean-Daniel Dupas <<a
            href="mailto:jddupas@xooloo.com" class=""
            moz-do-not-send="true">jddupas@xooloo.com</a>><br
            class="">
          1564258521.984065 X-Mailer: Apple Mail (2.3445.104.11)<br
            class="">
          1564258521.984065 <br class="">
          1564258521.984280 .<br class="">
          1564258543.105429 QUIT</div>
        <div class=""><br class="">
        </div>
        <div class=""><br class="">
        </div>
        ================== doveconf -n
        <div class=""><br class="">
          # 2.3.7.1 (0152c8b10): /etc/dovecot/dovecot.conf<br class="">
          # Pigeonhole version 0.5.7.1 (db5c74be)<br class="">
          # OS: Linux 4.15.0-55-generic x86_64 Ubuntu 18.04.2 LTS <br
            class="">
          # Hostname: <a href="http://example.com" class=""
            moz-do-not-send="true">example.com</a><br class="">
          auth_mechanisms = plain login<br class="">
          auth_verbose = yes<br class="">
          hostname = <a href="http://smtp.example.com" class=""
            moz-do-not-send="true">smtp.example.com</a><br class="">
          imap_hibernate_timeout = 1 mins<br class="">
          mail_attribute_dict = <a class="moz-txt-link-freetext" href="file:%h/metadata">file:%h/metadata</a><br class="">
          mail_gid = vmail<br class="">
          mail_location = mdbox:~/mail<br class="">
          mail_plugins = fts fts_xapian<br class="">
          mail_server_admin = <a href="mailto:sysadmin@example.com"
            class="" moz-do-not-send="true">mailto:sysadmin@example.com</a><br
            class="">
          mail_uid = vmail<br class="">
          managesieve_notify_capability = mailto<br class="">
          managesieve_sieve_capability = fileinto reject envelope
          encoded-character vacation subaddress
          comparator-i;ascii-numeric relational regex imap4flags copy
          include variables body enotify environment mailbox date index
          ihave duplicate mime foreverypart extracttext imapsieve
          vnd.dovecot.imapsieve<br class="">
          namespace inbox {<br class="">
            inbox = yes<br class="">
            location = <br class="">
            mailbox Archive {<br class="">
              auto = subscribe<br class="">
              special_use = \Archive<br class="">
            }<br class="">
            mailbox Drafts {<br class="">
              auto = subscribe<br class="">
              special_use = \Drafts<br class="">
            }<br class="">
            mailbox Junk {<br class="">
              auto = subscribe<br class="">
              special_use = \Junk<br class="">
            }<br class="">
            mailbox Sent {<br class="">
              auto = subscribe<br class="">
              special_use = \Sent<br class="">
            }<br class="">
            mailbox Trash {<br class="">
              auto = subscribe<br class="">
              special_use = \Trash<br class="">
            }<br class="">
            prefix = <br class="">
            separator = /<br class="">
          }<br class="">
          passdb {<br class="">
            args = /etc/dovecot/dovecot-ldap.conf.ext<br class="">
            driver = ldap<br class="">
          }<br class="">
          plugin {<br class="">
            fts = xapian<br class="">
            fts_autoindex = yes<br class="">
            fts_autoindex_exclude = \Junk<br class="">
            fts_autoindex_exclude2 = \Trash<br class="">
            fts_enforced = yes<br class="">
            fts_languages = fr en<br class="">
            fts_xapian = partial=2 full=20<br class="">
            imapsieve_mailbox1_before =
          <a class="moz-txt-link-freetext" href="file:/var/lib/vmail/imapsieve/learn-spam.sieve">file:/var/lib/vmail/imapsieve/learn-spam.sieve</a><br class="">
            imapsieve_mailbox1_causes = COPY<br class="">
            imapsieve_mailbox1_name = Junk<br class="">
            imapsieve_mailbox2_before =
          <a class="moz-txt-link-freetext" href="file:/var/lib/vmail/imapsieve/learn-ham.sieve">file:/var/lib/vmail/imapsieve/learn-ham.sieve</a><br class="">
            imapsieve_mailbox2_causes = COPY<br class="">
            imapsieve_mailbox2_from = Junk<br class="">
            imapsieve_mailbox2_name = *<br class="">
            imapsieve_mailbox3_before =
          <a class="moz-txt-link-freetext" href="file:/var/lib/vmail/imapsieve/unflag.sieve">file:/var/lib/vmail/imapsieve/unflag.sieve</a><br class="">
            imapsieve_mailbox3_causes = COPY<br class="">
            imapsieve_mailbox3_name = Trash<br class="">
            plugin = fts fts_xapian<br class="">
            sieve = <a class="moz-txt-link-freetext" href="file:~/sieve;active=~/.dovecot.sieve">file:~/sieve;active=~/.dovecot.sieve</a><br class="">
            sieve_after = /var/lib/vmail/sieve-after<br class="">
            sieve_global_extensions = +vnd.dovecot.pipe
          +vnd.dovecot.environment<br class="">
            sieve_pipe_bin_dir = /var/lib/vmail/sieve-pipe<br class="">
            sieve_plugins = sieve_imapsieve sieve_extprograms<br
            class="">
          }<br class="">
          postmaster_address = <br class="">
          protocols = " imap lmtp sieve submission"<br class="">
          recipient_delimiter = -<br class="">
          service auth-worker {<br class="">
            user = $default_internal_user<br class="">
          }<br class="">
          service auth {<br class="">
            unix_listener /var/spool/postfix/private/auth {<br class="">
              group = postfix<br class="">
              mode = 0600<br class="">
              user = postfix<br class="">
            }<br class="">
          }<br class="">
          service doveadm {<br class="">
            vsz_limit = 1 G<br class="">
          }<br class="">
          service imap-hibernate {<br class="">
            unix_listener imap-hibernate {<br class="">
              group = vmail<br class="">
              mode = 0660<br class="">
            }<br class="">
            user = vmail<br class="">
          }<br class="">
          service imap-login {<br class="">
            inet_listener imap {<br class="">
              port = 0<br class="">
            }<br class="">
            inet_listener imaps {<br class="">
              port = 993<br class="">
            }<br class="">
            process_min_avail = 2<br class="">
          }<br class="">
          service imap {<br class="">
            unix_listener imap-master {<br class="">
              user = vmail<br class="">
            }<br class="">
          }<br class="">
          service indexer-worker {<br class="">
            vsz_limit = 1 G<br class="">
          }<br class="">
          service lmtp {<br class="">
            unix_listener /var/spool/postfix/private/dovecot-lmtp {<br
            class="">
              group = postfix<br class="">
              mode = 0600<br class="">
              user = postfix<br class="">
            }<br class="">
          }<br class="">
          service managesieve-login {<br class="">
            inet_listener sieve {<br class="">
              address = localhost<br class="">
            }<br class="">
          }<br class="">
          service submission-login {<br class="">
            inet_listener submissions {<br class="">
              haproxy = no<br class="">
              port = 465<br class="">
              reuse_port = no<br class="">
              ssl = yes<br class="">
            }<br class="">
          }<br class="">
          ssl_alt_cert = </var/lib/acme/<a
            href="http://imap.example.com/rsa/cert.pem" class=""
            moz-do-not-send="true">imap.example.com/rsa/cert.pem</a><br
            class="">
          ssl_alt_key = # hidden, use -P to show it<br class="">
          ssl_cert = </var/lib/acme/<a
            href="http://imap.example.com/ecdsa/cert.pem" class=""
            moz-do-not-send="true">imap.example.com/ecdsa/cert.pem</a><br
            class="">
          ssl_cipher_list =
TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS<br
            class="">
          ssl_dh = # hidden, use -P to show it<br class="">
          ssl_key = # hidden, use -P to show it<br class="">
          ssl_min_protocol = TLSv1.1<br class="">
          ssl_prefer_server_ciphers = yes<br class="">
          submission_host = <a href="http://smtp.example.com" class=""
            moz-do-not-send="true">smtp.example.com</a><br class="">
          submission_max_mail_size = 40 M<br class="">
          submission_relay_host = localhost<br class="">
          submission_relay_port = 8587<br class="">
          submission_relay_trusted = yes<br class="">
          userdb {<br class="">
            driver = prefetch<br class="">
          }<br class="">
          userdb {<br class="">
            args = /etc/dovecot/dovecot-ldap.conf.ext<br class="">
            driver = ldap<br class="">
          }<br class="">
          protocol lmtp {<br class="">
            mail_plugins = fts fts_xapian sieve<br class="">
          }<br class="">
          protocol imap {<br class="">
            imap_metadata = yes<br class="">
            mail_max_userip_connections = 25<br class="">
            mail_plugins = fts fts_xapian imap_zlib imap_sieve<br
            class="">
            namespace inbox {<br class="">
              location = <br class="">
              mailbox Junk {<br class="">
                autoexpunge = 30 days<br class="">
              }<br class="">
              mailbox Trash {<br class="">
                autoexpunge = 30 days<br class="">
              }<br class="">
              prefix = <br class="">
            }<br class="">
          }<br class="">
        </div>
        <blockquote type="cite" class="">
          <div class="">
            <blockquote type="cite" style="font-family: Helvetica;
              font-size: 12px; font-style: normal; font-variant-caps:
              normal; font-weight: normal; letter-spacing: normal;
              orphans: auto; text-align: start; text-indent: 0px;
              text-transform: none; white-space: normal; widows: auto;
              word-spacing: 0px; -webkit-text-size-adjust: auto;
              -webkit-text-stroke-width: 0px; text-decoration: none;"
              class="">submission_relay_rawlog_dir = /var/log/dovecot/<br
                class="">
              submission_relay_trusted = yes<br class="">
              <br class="">
              My main issue is that until I login, dovecot-submission
              won't connect to the backend and query the capabilities
              and so won't report the right capabilities.<br class="">
              <br class="">
              That mean that the first EHLO message don't get the right
              capabilities list.<br class="">
              <br class="">
              "<br class="">
              EHLO <a href="http://example.com" class=""
                moz-do-not-send="true">example.com</a><br class="">
              <br class="">
              <a href="http://250-smtp.example.com" class=""
                moz-do-not-send="true">250-smtp.example.com</a><br
                class="">
              250-8BITMIME<br class="">
              250-AUTH PLAIN LOGIN<br class="">
              250-BURL imap<br class="">
              250-CHUNKING<br class="">
              250-ENHANCEDSTATUSCODES<br class="">
              250-SIZE<br class="">
              250 PIPELINING<br class="">
              "<br class="">
              <br class="">
              This list don't contains VRFY, DNS, and SIZE is not
              specified (all of these is present in backend EHLO
              response).<br class="">
              After login, if I send an new EHLO command, everything is
              properly reported. The raw log shows that unlike what the
              documentation says,<br class="">
              dovecot don't try to connect to the backend until the user
              is properly logged.<br class="">
              <br class="">
              In my raw log I show that after I logged in
              dovecot-submission, the later open a connection to the
              backend and send a X-CLIENT command.<br class="">
              <br class="">
              <br class="">
              Now, if I try to force the capabilities by using:<br
                class="">
              <br class="">
              submission_backend_capabilities = VRFY 8BITMIME DSN<br
                class="">
              <br class="">
              dovecot properly reports all SMTP capabilities in the
              first EHLO response, but it completely stops emitting
              X-CLIENT command to the backend<br class="">
              and try to simply forward the command without
              authentication, which result in postfix rejecting the
              command with an unauthorized user error.<br class="">
              <br class="">
              What is wrong with my configuration ?<br class="">
              Thanks.<br class="">
            </blockquote>
            <br style="caret-color: rgb(0, 0, 0); font-family:
              Helvetica; font-size: 12px; font-style: normal;
              font-variant-caps: normal; font-weight: normal;
              letter-spacing: normal; text-align: start; text-indent:
              0px; text-transform: none; white-space: normal;
              word-spacing: 0px; -webkit-text-stroke-width: 0px;
              text-decoration: none;" class="">
            <span style="caret-color: rgb(0, 0, 0); font-family:
              Helvetica; font-size: 12px; font-style: normal;
              font-variant-caps: normal; font-weight: normal;
              letter-spacing: normal; text-align: start; text-indent:
              0px; text-transform: none; white-space: normal;
              word-spacing: 0px; -webkit-text-stroke-width: 0px;
              text-decoration: none; float: none; display: inline
              !important;" class="">Can you send us your complete
              configuration (output from `dovecot -n`)?</span><br
              style="caret-color: rgb(0, 0, 0); font-family: Helvetica;
              font-size: 12px; font-style: normal; font-variant-caps:
              normal; font-weight: normal; letter-spacing: normal;
              text-align: start; text-indent: 0px; text-transform: none;
              white-space: normal; word-spacing: 0px;
              -webkit-text-stroke-width: 0px; text-decoration: none;"
              class="">
            <br style="caret-color: rgb(0, 0, 0); font-family:
              Helvetica; font-size: 12px; font-style: normal;
              font-variant-caps: normal; font-weight: normal;
              letter-spacing: normal; text-align: start; text-indent:
              0px; text-transform: none; white-space: normal;
              word-spacing: 0px; -webkit-text-stroke-width: 0px;
              text-decoration: none;" class="">
            <span style="caret-color: rgb(0, 0, 0); font-family:
              Helvetica; font-size: 12px; font-style: normal;
              font-variant-caps: normal; font-weight: normal;
              letter-spacing: normal; text-align: start; text-indent:
              0px; text-transform: none; white-space: normal;
              word-spacing: 0px; -webkit-text-stroke-width: 0px;
              text-decoration: none; float: none; display: inline
              !important;" class="">Regards,</span><br
              style="caret-color: rgb(0, 0, 0); font-family: Helvetica;
              font-size: 12px; font-style: normal; font-variant-caps:
              normal; font-weight: normal; letter-spacing: normal;
              text-align: start; text-indent: 0px; text-transform: none;
              white-space: normal; word-spacing: 0px;
              -webkit-text-stroke-width: 0px; text-decoration: none;"
              class="">
            <br style="caret-color: rgb(0, 0, 0); font-family:
              Helvetica; font-size: 12px; font-style: normal;
              font-variant-caps: normal; font-weight: normal;
              letter-spacing: normal; text-align: start; text-indent:
              0px; text-transform: none; white-space: normal;
              word-spacing: 0px; -webkit-text-stroke-width: 0px;
              text-decoration: none;" class="">
            <span style="caret-color: rgb(0, 0, 0); font-family:
              Helvetica; font-size: 12px; font-style: normal;
              font-variant-caps: normal; font-weight: normal;
              letter-spacing: normal; text-align: start; text-indent:
              0px; text-transform: none; white-space: normal;
              word-spacing: 0px; -webkit-text-stroke-width: 0px;
              text-decoration: none; float: none; display: inline
              !important;" class="">Stephan.</span></div>
        </blockquote>
      </div>
      <br class="">
    </blockquote>
  </body>
</html>