Re: postfix relay smtp authentication

To: debian-user@lists.debian.org
Subject: Re: postfix relay smtp authentication
From: mockingbird@ihug.co.nz (Chris Bannister)
Date: Mon, 11 Dec 2006 21:49:51 +1300
Message-id: <[🔎] 20061211084951.GD11452@kan>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 4575FD16.6090909@fuzzey.net>
References: <[🔎] 4575FD16.6090909@fuzzey.net>

On Wed, Dec 06, 2006 at 12:13:26AM +0100, Martin Fuzzey wrote:
> Hi,
> 
> I have been succesfully running postfix on Sarge as a local mailserver 
> relaying all outbound mail (from multiple internal accounts) to my ISP.
> 
> However my ISP has just decided to require SMTP authentication.
> 
> I have set up SASL following the postfix documentation and the 
> authentication phase succeeds, *however* postfix does not include the 
> authenticated sender address in the AUTH section of the MAIL FROM 
> message and my ISP is still refusing the message :((
> 
> Looking at the source in src/smtp/smtp_proto.c:
>            /*
>             * We authenticate the local MTA only, but not the sender.
>             */
> #ifdef USE_SASL_AUTH
>            if (var_smtp_sasl_enable
>                && (state->features & SMTP_FEATURE_AUTH)
>                && state->sasl_passwd)
>                vstring_strcat(next_command, " AUTH=<>");
> #endif
> 
> 
> I have "fixed" this with the following patch to the postfix code:
> 
> --- postfix-2.1.5/src/smtp/smtp_proto.c 2006-12-04 22:08:23.000000000 +0100
> +++ postfix-2.1.5/src/smtp/smtp_proto.c.new     2006-12-04 
> 22:33:35.943911483 +0100
> @@ -755,8 +755,11 @@
> #ifdef USE_SASL_AUTH
>            if (var_smtp_sasl_enable
>                && (state->features & SMTP_FEATURE_AUTH)
> -               && state->sasl_passwd)
> -               vstring_strcat(next_command, " AUTH=<>");
> +               && state->sasl_passwd) {
> +                       // Patch MF 4/12/2006 Authenticate sender (for 
> Tele2...)
> +                       QUOTE_ADDRESS(state->scratch, request->sender);
> +                       vstring_sprintf_append(next_command, " 
> AUTH=<%s>", vstring_str(state->scratch));
> +               }
> #endif
>            next_state = SMTP_STATE_RCPT;
>            break;
> 
> 
> This works BUT only for a single user since the postfix version in sarge 
> (2.1.5) doesn't implement the smtp_sender_dependent_authentication 
> option and my ISP actually wants the correct password for each email 
> address (not just a single one for all addresses associated with the 
> account.
> 
> I've tried similarly patching the etch version of postfix - I can build 
> the package but it won't install due to an unsatisified dependency on 
> lsb_base (> 3.0.6)

I would post your question on the postfix-users list:
List-Post: <mailto:postfix-users@postfix.org>
Especially if you are talking code patches.

-- 
Chris.
======
" ... the official version cannot be abandoned because the implication of
rejecting it is far too disturbing: that we are subject to a government
conspiracy of `X-Files' proportions and insidiousness."
Letter to the LA Times Magazine, September 18, 2005.

Reply to:

References:
- postfix relay smtp authentication
  - From: Martin Fuzzey <mfuzzey@tele2.fr>

Prev by Date: Re: Non-printable Bytes in Variable Data A little Further Along
Next by Date: Re: Couldn't open directory /lib/modules/2.6.12: No such file or directory
Previous by thread: Re: postfix relay smtp authentication
Next by thread: Re: postfix relay smtp authentication
Index(es):
- Date
- Thread