1

Topic: Allow users to send emails without SMTP authentication.

==== Required information ====
- iRedMail version: 0.8.5
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Linux/CentOS distribution name and version: CentOS release 6.4 (Final)
- Related log if you're reporting an issue: Allow specific user to send email without outgoing authentication
====

Hi!

I would like to ask if I can allow a specific email user to send email without outgoing authentication? This is for our system that sends reports.

I follow steps on links below but it doesn't work.

http://www.iredmail.org/wiki/index.php? … ction=edit


http://www.iredmail.org/forum/topic883- … ation.html


Please help me and tell me how to configure this.


Thanks in advance

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Allow users to send emails without SMTP authentication.

*) It's recommended to enable SMTP auth to send email. It should be easy.
*) If you cannot enable smtp auth in your application (really?), the wiki tutorial (first link in your post) should be just fine. Did you follow the tutorial strictly? Please show us output of command "postconf -n", and content of file /etc/postfix/accept_unauth.

3 (edited by ruby.alberto 2013-10-29 10:47:41)

Re: Allow users to send emails without SMTP authentication.

ZhangHuangbin wrote:

*) It's recommended to enable SMTP auth to send email. It should be easy.
*) If you cannot enable smtp auth in your application (really?), the wiki tutorial (first link in your post) should be just fine. Did you follow the tutorial strictly? Please show us output of command "postconf -n", and content of file /etc/postfix/accept_unauth.



Below is my postconf -n
=========================================================================================
[root@mail sysconfig]# postconf -n
alias_database = hash:/etc/postfix/aliases
alias_maps = hash:/etc/postfix/aliases
allow_min_user = no
allow_percent_hack = no
biff = no
bounce_queue_lifetime = 4h
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
delay_warning_time = 0h
disable_vrfy_command = yes
enable_original_recipient = no
home_mailbox = Maildir/
html_directory = no
inet_interfaces = all
inet_protocols = ipv4
mail_owner = postfix
mailbox_command = /usr/libexec/dovecot/deliver
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
maximal_backoff_time = 4000s
maximal_queue_lifetime = 4h
message_size_limit = 15728640
minimal_backoff_time = 300s
mydestination = $myhostname, localhost, localhost.localdomain, localhost.$myhostname
mydomain = mydomain.com
myhostname = mail.mydomain.com
mynetworks = 127.0.0.0/8
mynetworks_style = host
myorigin = mail.mydomain.com
newaliases_path = /usr/bin/newaliases.postfix
proxy_read_maps = $canonical_maps $lmtp_generic_maps $local_recipient_maps $mydestination $mynetworks $recipient_bcc_maps $recipient_canonical_maps $relay_domains $    relay_recipient_maps $relocated_maps $sender_bcc_maps $sender_canonical_maps $smtp_generic_maps $smtpd_sender_login_maps $transport_maps $virtual_alias_domains $vir    tual_alias_maps $virtual_mailbox_domains $virtual_mailbox_maps $smtpd_sender_restrictions
queue_directory = /var/spool/postfix
queue_run_delay = 300s
readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES
recipient_bcc_maps = proxy:mysql:/etc/postfix/mysql/recipient_bcc_maps_user.cf, proxy:mysql:/etc/postfix/mysql/recipient_bcc_maps_domain.cf
recipient_delimiter = +
relay_domains = $mydestination, proxy:mysql:/etc/postfix/mysql/relay_domains.cf
sample_directory = /usr/share/doc/postfix-2.6.6/samples
sender_bcc_maps = proxy:mysql:/etc/postfix/mysql/sender_bcc_maps_user.cf, proxy:mysql:/etc/postfix/mysql/sender_bcc_maps_domain.cf
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtp_data_init_timeout = 240s
smtp_data_xfer_timeout = 600s
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_helo_hostname, reject_invalid_helo_hostname, check_helo_access pcre:/etc/pos    tfix/helo_access.pcre
smtpd_recipient_restrictions = check_client_access hash:/etc/postfix/accepted_unauth_senders,          reject_unknown_sender_domain,           reject_unknown_recipi    ent_domain,           reject_non_fqdn_sender,           reject_non_fqdn_recipient,           reject_unlisted_recipient,           check_policy_service inet:127.0.0.    1:7777,           permit_mynetworks,           permit_sasl_authenticated,           reject_unauth_destination,           check_policy_service inet:127.0.0.1:10031
smtpd_reject_unlisted_recipient = yes
smtpd_reject_unlisted_sender = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = no
smtpd_sasl_local_domain =
smtpd_sasl_path = ./dovecot-auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_login_maps = proxy:mysql:/etc/postfix/mysql/sender_login_maps.cf
smtpd_sender_restrictions = check_client_access hash:/etc/postfix/accepted_unauth_senders,     permit_mynetworks,     reject_sender_login_mismatch,     permit_sasl_    authenticated
smtpd_tls_CAfile = /etc/pki/tls/certs/iRedMail_CA.pem
smtpd_tls_cert_file = /etc/pki/tls/certs/iRedMail_CA.pem
smtpd_tls_key_file = /etc/pki/tls/private/iRedMail.key
smtpd_tls_loglevel = 0
smtpd_tls_security_level = may
swap_bangpath = no
tls_random_source = dev:/dev/urandom
transport_maps = proxy:mysql:/etc/postfix/mysql/transport_maps_user.cf, proxy:mysql:/etc/postfix/mysql/transport_maps_domain.cf
unknown_local_recipient_reject_code = 550
virtual_alias_domains =
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql/virtual_alias_maps.cf, proxy:mysql:/etc/postfix/mysql/domain_alias_maps.cf, proxy:mysql:/etc/postfix/mysql/catch    all_maps.cf, proxy:mysql:/etc/postfix/mysql/domain_alias_catchall_maps.cf
virtual_gid_maps = static:2000
virtual_mailbox_base = /home/vmail
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql/virtual_mailbox_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql/virtual_mailbox_maps.cf
virtual_minimum_uid = 2000
virtual_transport = dovecot
virtual_uid_maps = static:2000
===============================================================================


Below id my accepted_unauth_senders

================================================
results@mydomain.com
reports@mydomain.com

4

Re: Allow users to send emails without SMTP authentication.

ruby.alberto wrote:

smtpd_recipient_restrictions = check_client_access hash:/etc/postfix/accepted_unauth_senders, ...
smtpd_sender_restrictions = check_client_access hash:/etc/postfix/accepted_unauth_senders, ...

Please remove the one in smtpd_recipient_restrictions. Using in smtpd_sender_restrictions is enough.

ruby.alberto wrote:

Below id my accepted_unauth_senders
================================================
results@mydomain.com
reports@mydomain.com

Obviously, you forgot the 'OK':

results@mydomain.com OK
reports@mydomain.com OK