[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Postfix + TLS. Почему не пускает?

Привет, коллеги.

Проясните мне один момент.

Имеем в main.cf

broken_sasl_auth_clients = yes
smtpd_sasl_path = smtpd
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous, noplaintext
smtpd_sasl_tls_security_options = noanonymous
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_tls_received_header = yes
smtpd_tls_CAfile = /usr/lib/ssl/misc/demoCA/cacert.pem
smtpd_tls_cert_file = /etc/postfix/certs/postfix_public_cert.pem
smtpd_tls_key_file = /etc/postfix/certs/postfix_private_key.pem
smtpd_tls_dh1024_param_file = /etc/postfix/dh_1024.pem
smtpd_tls_dh512_param_file  = /etc/postfix/dh_512.pem
smtpd_tls_session_cache_database = btree:/etc/postfix/smtpd_scache
smtpd_tls_security_level = may
smtpd_tls_auth_only = no
smtpd_tls_ask_ccert = yes
smtpd_tls_loglevel = 1

relay_clientcerts = hash:/etc/postfix/relay_clientcerts

smtpd_recipient_restrictions =  permit_tls_clientcerts,
                                reject_unauth_destination

При попытке отправить почту в лог летит вот это

Feb  7 11:21:11 localhost postfix/smtpd[17139]: connect from peter.mcbfa.local[192.168.1.10]
Feb  7 11:21:11 localhost postfix/smtpd[17139]: setting up TLS connection from peter.mcbfa.local[192.168.1.10]
Feb  7 11:21:11 localhost postfix/smtpd[17139]: fingerprint=8F:E8:59:86:69:7A:B3:48:86:E4:43:3B:51:05:D6:61
Feb  7 11:21:11 localhost postfix/smtpd[17139]: Verified: subject_CN=Peter Teslenko, issuer=sandbox.mcbfa.local
Feb 7 11:21:11 localhost postfix/smtpd[17139]: TLS connection established from peter.mcbfa.local[192.168.1.10]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits) Feb 7 11:21:11 localhost postfix/smtpd[17139]: NOQUEUE: reject: RCPT from peter.mcbfa.local[192.168.1.10]: 554 5.7.1 <peter@xxxxx.ru>: Relay access denied; from=<peter@sandbox.mcbfa.local> to=<peter@xxxxx.ru> proto=ESMTP helo=<[127.0.0.1]> 
Feb  7 11:21:12 localhost postfix/smtpd[17139]: lost connection after RCPT from peter.mcbfa.local[192.168.1.10]
Feb  7 11:21:12 localhost postfix/smtpd[17139]: disconnect from peter.mcbfa.local[192.168.1.10]

Почему вылезает Relay access denied?
Как я понимаю TLS авторизация прошла. С чего тогда отлуп?
Или я где-то что-то забыл?

--
Peter Teslenko
Reply to: