Sieve vacation and smtp_sasl_password_maps

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

Sieve vacation and smtp_sasl_password_maps

Gianni Angelozzi
Hi,

I've set up sieve vacation reply but my postfix setup is using
smtp_sasl_password_maps and smtp_sender_dependent_authentication.

The problem is that Sieve will send the reply with "from=<>" to prevent
bounces.

This means that Postfix has no way to authenticate to my ISP because it
doesn't find the sender entry on the sasl DB.

How can I use both features toghether?

Thanks in advance!
Gianni

Reply | Threaded
Open this post in threaded view
|

Re: Sieve vacation and smtp_sasl_password_maps

Wietse Venema
Gianni Angelozzi:
[ Charset ISO-8859-15 converted... ]

> Hi,
>
> I've set up sieve vacation reply but my postfix setup is using
> smtp_sasl_password_maps and smtp_sender_dependent_authentication.
>
> The problem is that Sieve will send the reply with "from=<>" to prevent
> bounces.
>
> This means that Postfix has no way to authenticate to my ISP because it
> doesn't find the sender entry on the sasl DB.
>
> How can I use both features toghether?

Apparently, there is no empty_address_xxx_lookup_key feature for
xxx in smtp_sender_dependent_authentication or smtp_sasl_password_maps.

Do you really need smtp_sender_dependent_authentication?

        Wietse

Reply | Threaded
Open this post in threaded view
|

Re: Sieve vacation and smtp_sasl_password_maps

Gianni Angelozzi
Thanks for the reply.

Yes, I need smtp_sender_dependent_authentication because the upstream
ISP will only accept incoming mails from the authenticated user.

The feature you suggest may not work on my scenario, because if I send
email from user1 but authenticating with user2 (the default user), my
ISP may reject that mail.

Gianni

> Gianni Angelozzi:
> [ Charset ISO-8859-15 converted... ]
>> Hi,
>>
>> I've set up sieve vacation reply but my postfix setup is using
>> smtp_sasl_password_maps and smtp_sender_dependent_authentication.
>>
>> The problem is that Sieve will send the reply with "from=<>" to prevent
>> bounces.
>>
>> This means that Postfix has no way to authenticate to my ISP because it
>> doesn't find the sender entry on the sasl DB.
>>
>> How can I use both features toghether?
> Apparently, there is no empty_address_xxx_lookup_key feature for
> xxx in smtp_sender_dependent_authentication or smtp_sasl_password_maps.
>
> Do you really need smtp_sender_dependent_authentication?
>
> Wietse
>
Reply | Threaded
Open this post in threaded view
|

Re: Sieve vacation and smtp_sasl_password_maps

@lbutlr
On 23 Nov 2019, at 10:13, Gianni Angelozzi <[hidden email]> wrote:
> Yes, I need smtp_sender_dependent_authentication because the upstream ISP will only accept incoming mails from the authenticated user.

That doesn’t imply a need for smtp_sender_dependent_authentication. That is needed, AIUI, when you have multiple senders on your system who all need separate authentication.

> Enable sender-dependent authentication in the Postfix SMTP client; this is available only with SASL authentication, and disables SMTP connection caching to ensure that **mail from different senders** will use the appropriate credentials.


(Emphasis mine)


--
'Does he have people put to death?' said Mort. SOMETIMES. THERE ARE
SOME THINGS YOU HAVE TO DO, WHEN YOU'RE A KING.

Reply | Threaded
Open this post in threaded view
|

Re: Sieve vacation and smtp_sasl_password_maps

Gianni Angelozzi
In my system I have 10 users. Each user has his own upstream account on
the ISP.

I use postfix + dovecot + fetchmail as a local mail server, but the real
sending is done by my ISP. I only forward local mails and the rest goes
out by the ISP.

When I authenticate the SMTP connection, my ISP will only allow that
user to send the mail. Like, if I use user1 credentials as the default,
then user2 won't be able to send mails. They will bounce back.

Isn't this is the reason smtp_sender_dependent_authentication is created
for?

Thanks for your help.

Gianni

> On 23 Nov 2019, at 10:13, Gianni Angelozzi <[hidden email]> wrote:
>> Yes, I need smtp_sender_dependent_authentication because the upstream ISP will only accept incoming mails from the authenticated user.
> That doesn’t imply a need for smtp_sender_dependent_authentication. That is needed, AIUI, when you have multiple senders on your system who all need separate authentication.
>
>> Enable sender-dependent authentication in the Postfix SMTP client; this is available only with SASL authentication, and disables SMTP connection caching to ensure that **mail from different senders** will use the appropriate credentials.
>
> (Emphasis mine)
>
>
Reply | Threaded
Open this post in threaded view
|

Re: Sieve vacation and smtp_sasl_password_maps

@lbutlr


> On 24 Nov 2019, at 03:42, Gianni Angelozzi <[hidden email]> wrote:
>
> In my system I have 10 users. Each user has his own upstream account on the ISP.

If you mentioned that before, I missed it.

> When I authenticate the SMTP connection, my ISP will only allow that user to send the mail. Like, if I use user1 credentials as the default, then user2 won't be able to send mails. They will bounce back.

In that case you do need smtp_sender_dependent_authentication (though I would go with a different provider or not run my mail server on a home connection).


--
'It's vital to remember who you really are. It's very important. It
isn't a good idea to rely on other people or things to do it for you,
you see. They always get it wrong.' —Sourcery