[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

postfix relay smtp authentication


I have been succesfully running postfix on Sarge as a local mailserver relaying all outbound mail (from multiple internal accounts) to my ISP.

However my ISP has just decided to require SMTP authentication.

I have set up SASL following the postfix documentation and the authentication phase succeeds, *however* postfix does not include the authenticated sender address in the AUTH section of the MAIL FROM message and my ISP is still refusing the message :((

Looking at the source in src/smtp/smtp_proto.c:
            * We authenticate the local MTA only, but not the sender.
           if (var_smtp_sasl_enable
               && (state->features & SMTP_FEATURE_AUTH)
               && state->sasl_passwd)
               vstring_strcat(next_command, " AUTH=<>");

I have "fixed" this with the following patch to the postfix code:

--- postfix-2.1.5/src/smtp/smtp_proto.c 2006-12-04 22:08:23.000000000 +0100
+++ postfix-2.1.5/src/smtp/smtp_proto.c.new 2006-12-04 22:33:35.943911483 +0100
@@ -755,8 +755,11 @@
           if (var_smtp_sasl_enable
               && (state->features & SMTP_FEATURE_AUTH)
-               && state->sasl_passwd)
-               vstring_strcat(next_command, " AUTH=<>");
+               && state->sasl_passwd) {
+ // Patch MF 4/12/2006 Authenticate sender (for Tele2...)
+                       QUOTE_ADDRESS(state->scratch, request->sender);
+ vstring_sprintf_append(next_command, " AUTH=<%s>", vstring_str(state->scratch));
+               }
           next_state = SMTP_STATE_RCPT;

This works BUT only for a single user since the postfix version in sarge (2.1.5) doesn't implement the smtp_sender_dependent_authentication option and my ISP actually wants the correct password for each email address (not just a single one for all addresses associated with the account.

I've tried similarly patching the etch version of postfix - I can build the package but it won't install due to an unsatisified dependency on lsb_base (> 3.0.6)

So does anyone have any better ideas of how to make this work?



Reply to: