Postfix MTA user discussion

priscilla | 3 Jul 08:21

Allow only authenticated sender

Dear All,
We have installed postfix with openldap and cyrus sasl.
We want to allow only authenticated sender to send mails.
We have configured the following in postfix's main.cf to implement the same.

smtpd_sender_login_maps=<ldap>
smtpd_reject_unlisted_sender=yes
smtpd_sender_restrictions=reject_sender_login_mismatch  
check_sender_access <ldap>

But we get the following error message

The mail server responded 5.7.1  <recipient address>  sender address 
rejected now owned by user <sender> . Please check the message 
recipients and try again.

Regards
Priscilla

headers

Sahil Tandon | 3 Jul 08:36

Re: Allow only authenticated sender

On Fri, 03 Jul 2009, priscilla wrote:

> We want to allow only authenticated sender to send mails.

The incomplete set of configuration variables you list below are unrelated to
this goal.  If you want to do something other than simply "allow
authenticated sender to send mails", then please clarify.

> We have configured the following in postfix's main.cf to implement the same.
>
> smtpd_sender_login_maps=<ldap>
> smtpd_reject_unlisted_sender=yes
> smtpd_sender_restrictions=reject_sender_login_mismatch   
> check_sender_access <ldap>

No, read DEBUG_README (a document to which you were referred upon joining
this mailing list) and provide at least the output of 'postconf -n' when
soliciting help.

> But we get the following error message
>
> The mail server responded 5.7.1  <recipient address>  sender address  
> rejected now owned by user <sender> . Please check the message  
> recipients and try again.

Cut-and-paste instead of introducing typos by manually transcribing excerpts
from your maillog.  Nonetheless, the rejection text is quite clear; also see:
http://www.postfix.org/postconf.5.html#reject_sender_login_mismatch

--

-- 
Sahil Tandon <sahil <at> tandon.net>

(Continue reading)

headers

priscilla | 3 Jul 10:26

Re: Allow only authenticated sender

Yes I want only authenticated sender to send mails.

Regards
Priscilla

Sahil Tandon wrote:

On Fri, 03 Jul 2009, priscilla wrote:
We want to allow only authenticated sender to send mails.
The incomplete set of configuration variables you list below are unrelated to this goal. If you want to do something other than simply "allow authenticated sender to send mails", then please clarify.
We have configured the following in postfix's main.cf to implement the same. smtpd_sender_login_maps=<ldap> smtpd_reject_unlisted_sender=yes smtpd_sender_restrictions=reject_sender_login_mismatch check_sender_access <ldap>
No, read DEBUG_README (a document to which you were referred upon joining this mailing list) and provide at least the output of 'postconf -n' when soliciting help.
But we get the following error message The mail server responded 5.7.1 <recipient address> sender address rejected now owned by user <sender> . Please check the message recipients and try again.
Cut-and-paste instead of introducing typos by manually transcribing excerpts from your maillog. Nonetheless, the rejection text is quite clear; also see: http://www.postfix.org/postconf.5.html#reject_sender_login_mismatch

headers

Magnus Bäck | 3 Jul 10:50

Re: Allow only authenticated sender

On Fri, July 3, 2009 10:26 am, priscilla said:

*

> Yes I want only authenticated sender to send mails.

smtpd_sender_restrictions = permit_sasl_authenticated, reject

This obviously assumes that this server isn't used to receive email from
the outside since ALL clients must authenticate.

Please do not top-post, but do quote properly.

--

-- 
Magnus Bäck
magnus <at> dsek.lth.se