server: Debian Woodypackages: postfix-ldap, postfix-tls, postfix-mysql, postfix, postfix-pcre, openssl, libssl0.9.6, uw-imapd-ssl
- Opened ports 465 (smpts) and 993 (imaps) on the firewall- Changed /etc/postfix/main.cf and /etc/postfix/master.cf according to the documentation (because of their size I did not want to post them to the list, so they are available on my website at http://pegasus.cc.ucf.edu/~ro668344/main.cf and http://pegasus.cc.ucf.edu/~ro668344/master.cf)
I want this setup:SMTP(25) - only incoming/outgoing servers (i.e., no client logins from my users for relay) ESMTP(465) - relay access for only my users sending outbound mail authenticated either by user/pass or client cert I give them (a cert is easy since we only have 10 users)
IMAPS(993) - User read mail from here, authenticate with user/pass What is giving me the problem is this:smtpd_recipient_restrictions = permit_mynetworks, check_sender_access hash:/etc/postfix/access, permit_tls_clientcerts, reject_unauth_destination, reject
If I don't have "check_sender_access hash:/etc/postfix/access", then when I try to send mail get I get rejected "Relay access denied." But, if I add that (the file has lines "user@domain OK") I can send outbound mail, but I can either do it over SSL on port 465 or in the clear on port 25. The problem then becomes that anyone who spoofs one of our users would be able to send mail, and I want to limit the relay access to our users and have it avialable only over SSL so that they can't send their passwords over normal SMTP.
Also, in my tests I noted that even after I deleted mail from my folder (I was testing with Thunderbird from a machine in one of the on campus labs) it would reappear if I logged in via IMP webmail. When I ssh'd into the machine I noticed that I had two new files in my $HOME, Trash and Sent. But the contents of my $HOME/mail/ directory were as they had been before. How do I get the mail clients (webmail and remote IMAP) to use the same mail folder.
Description: PGP signature