On 06/06/2011 12:33 PM, Arun Khan wrote:
On Mon, Jun 6, 2011 at 1:35 AM, Rony gnulinuxist@gmail.com wrote:
I have been going through various docs on the net about sasl authentication in postfix.
I hope you are referring to postfix's docs and references. Your scenario is a common setup and IIRC there are examples on postifx's site on how to do this.
The problem is that examples are one sided, ie. either they tell you how to set up postfix as a client or a server. In my case it is both as it is a server for OE and client for the ISP.
Have you also enabled relay for the "local" LAN? If yes, then this needs to be disabled.
There is only one relay entry and that is for the ISP smtp.
*All* "local" users need to provide credentials to postfix for accepting emails from local clients.
I had skipped that part as realised later.
This is a good place to start http://www.postfix.org/SASL_README.html if you have not read it.
Also you have not mentioned which SASL mechanism you are using. In Cyrus SASL, the sasl_authd (sp?) service needs to be active. This is what I recall from what I had done in a postfix setup looooong time ago :)
I think it is cyrus.
After deleting the user did you regenerate the hash file?
I do it every time a change is made.
Suppose there is a flaw in my settings, shouldn't the ISP's mail server reject those mails when the username and password do not match with their list? That user has been deleted from their server.
No. You are probably authenticating your postfix server with that of our ISP SMTP, with a "particular" username/password or you have requested your ISP to allow relay from your WAN IP (static). In either case the onus is on your smtp server to allow/reject messages at the time when the local smtp client connects to the postfix smtp server in the LAN.
I don't have static IP. Just the regular mtnl triband with dynamic ip. I will post the main.cf file.