Re: Postfix + TLS. Почему не пускает?
Hi.
А если попробовать добавить слово "external" в список механизмов SASL?
/etc/postfix/sasl/smtpd.conf
mech_list: ....
А.
On 07/02/07 12:19, Peter Teslenko wrote:
> Привет, коллеги.
>
> Проясните мне один момент.
>
> Имеем в main.cf
>
> broken_sasl_auth_clients = yes
> smtpd_sasl_path = smtpd
> smtpd_sasl_local_domain = $myhostname
> smtpd_sasl_security_options = noanonymous, noplaintext
> smtpd_sasl_tls_security_options = noanonymous
> smtpd_sasl_auth_enable = yes
> smtpd_sasl_authenticated_header = yes
> smtpd_tls_received_header = yes
> smtpd_tls_CAfile = /usr/lib/ssl/misc/demoCA/cacert.pem
> smtpd_tls_cert_file = /etc/postfix/certs/postfix_public_cert.pem
> smtpd_tls_key_file = /etc/postfix/certs/postfix_private_key.pem
> smtpd_tls_dh1024_param_file = /etc/postfix/dh_1024.pem
> smtpd_tls_dh512_param_file = /etc/postfix/dh_512.pem
> smtpd_tls_session_cache_database = btree:/etc/postfix/smtpd_scache
> smtpd_tls_security_level = may
> smtpd_tls_auth_only = no
> smtpd_tls_ask_ccert = yes
> smtpd_tls_loglevel = 1
>
> relay_clientcerts = hash:/etc/postfix/relay_clientcerts
>
> smtpd_recipient_restrictions = permit_tls_clientcerts,
> reject_unauth_destination
>
> При попытке отправить почту в лог летит вот это
>
> Feb 7 11:21:11 localhost postfix/smtpd[17139]: connect from
> peter.mcbfa.local[192.168.1.10]
> Feb 7 11:21:11 localhost postfix/smtpd[17139]: setting up TLS
> connection from peter.mcbfa.local[192.168.1.10]
> Feb 7 11:21:11 localhost postfix/smtpd[17139]:
> fingerprint=8F:E8:59:86:69:7A:B3:48:86:E4:43:3B:51:05:D6:61
> Feb 7 11:21:11 localhost postfix/smtpd[17139]: Verified:
> subject_CN=Peter Teslenko, issuer=sandbox.mcbfa.local
> Feb 7 11:21:11 localhost postfix/smtpd[17139]: TLS connection
> established from peter.mcbfa.local[192.168.1.10]: TLSv1 with cipher
> DHE-RSA-AES256-SHA (256/256 bits)
> Feb 7 11:21:11 localhost postfix/smtpd[17139]: NOQUEUE: reject: RCPT
> from peter.mcbfa.local[192.168.1.10]: 554 5.7.1 <peter@xxxxx.ru>: Relay
> access denied; from=<peter@sandbox.mcbfa.local> to=<peter@xxxxx.ru>
> proto=ESMTP helo=<[127.0.0.1]>
> Feb 7 11:21:12 localhost postfix/smtpd[17139]: lost connection after
> RCPT from peter.mcbfa.local[192.168.1.10]
> Feb 7 11:21:12 localhost postfix/smtpd[17139]: disconnect from
> peter.mcbfa.local[192.168.1.10]
>
> Почему вылезает Relay access denied?
> Как я понимаю TLS авторизация прошла. С чего тогда отлуп?
> Или я где-то что-то забыл?
>
Reply to: