Welcome to the Linux Foundation Forum!

Lab 9.4 - Enable Relaying Using SMTP Authentication in Postfix

Posts: 4
edited December 2019 in LFS211 Class Forum

I think there is a typo in step 3 which reads:

  1. # postconf -e "smtpd_recipient_restrictions" = \
  2. permit_mynetworks, \
  3. permit_sasl_authenticated, \
  4. reject_unauth_destination", \
  5. reject

I believe it should instead read:

  1. # postconf -e "smtpd_recipient_restrictions = \
  2. permit_mynetworks, \
  3. permit_sasl_authenticated, \
  4. reject_unauth_destination, \
  5. reject"

Is the end goal not to have the following line(s) in main.cf?

  1. smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject

Also a note on versioning from the manual. I got the lab working (rejecting unathentuicated) using smtpd_relay_restrictions instead of smtpd_recipient_restrictions

  1. With Postfix versions before 2.10, the rules for relay permission and spam blocking were combined
  2. under smtpd_recipient_restrictions, resulting in error-prone configuration. As of Postfix 2.10,
  3. relay permission rules are preferably implemented with smtpd_relay_restrictions, so that a permis
  4. sive spam blocking policy under smtpd_recipient_restrictions will no longer result in a permissive
  5. mail relay policy.
  6.  
  7. For backwards compatibility, sites that migrate from Postfix versions before 2.10 can set
  8. smtpd_relay_restrictions to the empty value, and use smtpd_recipient_restrictions exactly as before.

Comments

  • Posts: 380

    Thank you for your comments.

    The postconf command; yes it appears the double quotes are not aligned correctly and you are correct the end goal is the line you described in main.cf. This will get fixed on the next version.

    Thank you for the observation on smtpd_relay_restrictions vs smtp_recipient_restrictions. I'm thinking the default value for smtp_relay_restrictions has changed causing the lab to not work as documented. I will investigate this and confirm the operation. Which distribution are you using? The default configuration files are sometimes different on the various distributions.

    Thank you for your input.

    Lee

  • Posts: 380

    Other than the fore mentioned typo with the quotes, the lab works as documented. I did get some syntax errors with SASL enabled that turned out to be capitalization requirement on the commands when using telnet.

Welcome!

It looks like you're new here. Sign in or register to get started.
Sign In

Welcome!

It looks like you're new here. Sign in or register to get started.
Sign In

Categories

Upcoming Training