我正在尝试使 postfix 不对端口 25 上的用户进行身份验证,而仅对 587 上的用户进行身份验证并使用 STARTTLS。我尝试过可能不同的配置,但到目前为止没有成功。
主要.cf:
...
smtpd_sasl_auth_enable =是
smtpd_sasl_authenticated_header = 是
smtpd_sasl_local_domain = $my主机名
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = 鸽舍
broken_sasl_auth_clients = 是
smtpd_sasl_path = 私有/身份验证
allowed_mail_to_commands = 别名
allowed_mail_to_files = 别名
smtpd_data_restrictions =拒绝_unauth_pipelined
smtpd_helo_required = 是
smtpd_sender_restrictions=permit_sasl_authenticated
smtpd_recipient_restrictions =
拒绝非fqdn_sender,
reject_non_fqdn_helo_hostname,
拒绝未知收件人域,
拒绝非 FQDN 收件人,
拒绝无效主机名,
允许_sasl_验证,
拒绝未经验证的目的地
smtpd_use_tls = 是
smtp_use_tls = 是
#smtpd_tls_security_level = 可以
#smtp_tls_security_level = 加密
smtpd_tls_auth_only = 是
smtpd_tls_mandatory_protocols = !SSLv3, !SSLv2
smtp_tls_note_starttls_offer = 是
smtpd_tls_key_file = /etc/ssl/postfix/smtpd.pem
smtpd_tls_cert_file = /etc/ssl/postfix/smtpd.pem
smtpd_tls_CAfile = /etc/ssl/postfix/smtpd.pem
smtpd_tls_session_cache_timeout = 3600s
smtpd_tls_loglevel = 1
smtpd_tls_received_header = 是
tls_random_source = dev:/dev/urandom
...
掌握:
# 服务类型 private unpriv chrootwakeup maxproc command + args
#(是)(是)(是)(从不)(100)
# =================================================== =========================
smtp inet n - n - - smtpd
# -o smtp_sasl_auth_enable=是
提交inet n - n - - smtpd
# -o content_filter=spamassassin
-o smtpd_tls_security_level=加密
# user=spamd argv=/usr/local/bin/spamc -f -e /usr/local/libexec/dovecot/deliver -f ${发件人} -d ${收件人}
# -o smtpd_enforce_tls=是
# -o syslog_name=postfix/提交
-o smtpd_sasl_auth_enable=是
# -o smtpd_reject_unlisted_recipient=否
# -o smtpd_client_restrictions=$mua_client_restrictions
-o smtpd_client_restrictions=permit_sasl_authenticated,拒绝
# -o smtpd_helo_restrictions=$mua_helo_restrictions
# -o smtpd_sender_restrictions=$mua_sender_restrictions
# -o smtpd_recipient_restrictions=permit_sasl_authenticated,拒绝
# -o smtpd_relay_restrictions=permit_sasl_authenticated,拒绝
# -o milter_macro_daemon_name=起源
#smtps inet n - n - - smtpd
# -o syslog_name=postfix/smtps
# -o smtpd_tls_security_level=加密
# -o smtpd_tls_wrappermode=是
# -o smtpd_sasl_auth_enable=是
# -o smtpd_client_restrictions=permit_sasl_authenticated,拒绝
# -o smtpd_reject_unlisted_recipient=否
# -o smtpd_client_restrictions=$mua_client_restrictions
# -o smtpd_helo_restrictions=$mua_helo_restrictions
# -o smtpd_sender_restrictions=$mua_sender_restrictions
# -o smtpd_recipient_restrictions=
# -o smtpd_relay_restrictions=permit_sasl_authenticated,拒绝
# -o milter_macro_daemon_name=起源
#628 inet n - n - qmqpd
拾音器 unix n - n 60 1 拾音器
...
也许,我错过了一些东西..谢谢
将其添加到您的master.cf:
submission inet n - - - - smtpd
-o smtpd_sasl_auth_enable=yes
...
并smtpd_sasl_auth_enable = yes从您的main.cf默认设置中删除no。