Hi All,

This thread is close and I have managed to get it works by using less secure setup
SMTP Authentication : Disabled and then it works.
Then I gradually change the setting with more secure setup.

Thanks!

Hi Nick,

This is my fresh installation of clearos community 7 with the latest version.
I have try many different setting with my Outlook for the SMTP, security : none. ssl, tls.
I have set the setup mostly with the default setup and tested using my LAN but it failed.

I have been prompted to accept certificates and and I accepted it on My IMAP with SSL and it is working just fine.

SMTP Authentication : Disabled

Block Plain-Text Passwords : Disable

User has SMTP Server : Enable

Incoming firewall open : 25

smtp      inet  n       -       n       -       -       smtpd

smtps     inet  n       -       n       -       -       smtpd -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes

[root@bali ~]# postconf -n

alias_database = hash:/etc/aliases

alias_maps = hash:/etc/aliases

bounce_queue_lifetime = 6h

broken_sasl_auth_clients = yes

command_directory = /usr/sbin

config_directory = /etc/postfix

content_filter = mailprefilter

daemon_directory = /usr/libexec/postfix

data_directory = /var/lib/postfix

debug_peer_level = 2

debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5

header_checks = regexp:/etc/postfix/header_checks

html_directory = no

inet_interfaces = all

inet_protocols = ipv4

local_recipient_maps = $alias_maps $virtual_alias_maps

luser_relay =

mail_owner = postfix

mailbox_size_limit = 102400000

mailbox_transport = mailpostfilter

mailq_path = /usr/bin/mailq.postfix

manpage_directory = /usr/share/man

message_size_limit = 51200000

message_strip_characters = \0

mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain

mydomain = myserver.net

myhostname = myserver.net

mynetworks = 127.0.0.0/8 [::1]/128, [::1]/128

myorigin = $mydomain

newaliases_path = /usr/bin/newaliases.postfix

queue_directory = /var/spool/postfix

recipient_bcc_maps =

recipient_canonical_maps = hash:/etc/postfix/recipient_canonical

recipient_delimiter = +

relayhost = [203.153.104.111]

sender_bcc_maps = hash:/etc/postfix/sender_bcc

sender_canonical_maps = hash:/etc/postfix/sender_canonical

sendmail_path = /usr/sbin/sendmail.postfix

setgid_group = postdrop

smtp_generic_maps = hash:/etc/postfix/generic

smtpd_client_restrictions = check_sender_access hash:/etc/postfix/filters/sa-blacklist

smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination

smtpd_sasl_auth_enable = no

smtpd_sasl_local_domain = $mydomain

smtpd_sasl_security_options = noanonymous

smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/filters/sa-blacklist

smtpd_tls_auth_only = no

smtpd_tls_cert_file = /etc/postfix/cert.pem

smtpd_tls_key_file = /etc/postfix/key.pem

smtpd_tls_loglevel = 1

smtpd_use_tls = yes

transport_maps = hash:/etc/postfix/transport

unknown_local_recipient_reject_code = 550

virtual_alias_maps = $alias_maps, $virtual_maps, ldap:/etc/postfix/imap-aliases.cf, ldap:/etc/postfix/imap-groups.cf

[root@bali ~]#

I think this is should be very simple to set and works operation.

Can I suggest you get it working inside your LAN first?

Are you just trying to get mail into your server/LAN or are you trying to relay it back out again?

I don't know Outlook but with other clients (Thunderbird/Win10 and K-9/Android) they had different ways of accepting the certificate. TB prompts you the first time you use the connection. K-9 only requests the certificate when you test the connection during its set up. Have you been prompted to accept the certificate yet?

Also, is your telnet session supposed to be telling me anything? It is the same as I get when I telnet to mine.

Nick Howitt wrote:

The line I use is slightly different:

submission inet n       -       n       -       -       smtpd -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject

Are you testing from inside your LAN or outside?

Hi Nick, thank you for your response. Im testing this outside the LAN.
On my initial setup i have tested both but it failed.

The line I use is slightly different:

submission inet n       -       n       -       -       smtpd -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject

Are you testing from inside your LAN or outside?

Hi All,

It seems that the ISP blocking the port 25, therefore I have change them to port 587 by adding the setting.
587 inet n - n - - smtpd
on the maser.cf file.

With the same setting as below I'm still having problem to send my email using my my Outlook on the new port 587 although I have activated SPA (secure password authentication)

Khairun wrote:

User Policies
SMTP Authentication : Enabled
Block Plain-Text Passwords : Enable
Allowed Incoming Connections : Port 587 (SMTP)

C:\Users\RUN>telnet myserver.net 587

220 myserver.net ESMTP Postfix