From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <sendmeforever@mail.ru>
From: Starodumoff Ilya <sendmeforever@mail.ru>
To: sysadmins@lists.altlinux.org
Date: Mon, 15 Oct 2007 17:20:04 +0600
User-Agent: KMail/1.9.7
References: <20071015140128.2cc7d5fa.dolgov@mail.zp.ua>
In-Reply-To: <20071015140128.2cc7d5fa.dolgov@mail.zp.ua>
MIME-Version: 1.0
Content-Type: text/plain;
  charset="koi8-r"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
Message-Id: <200710151720.05056.sendmeforever@mail.ru>
Subject: Re: [Sysadmins]
	=?koi8-r?b?cG9zdGZpeCDJIMHX1M/SydrBw8nRIM7BINDSz9fB?=
	=?koi8-r?b?ysTF0tPLz80gc210cA==?=
X-BeenThere: sysadmins@lists.altlinux.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: ALT Linux sysadmin discuss <sysadmins@lists.altlinux.org>
List-Id: ALT Linux sysadmin discuss <sysadmins.lists.altlinux.org>
List-Unsubscribe: <https://lists.altlinux.org/mailman/listinfo/sysadmins>,
	<mailto:sysadmins-request@lists.altlinux.org?subject=unsubscribe>
List-Archive: <http://lists.altlinux.org/pipermail/sysadmins>
List-Post: <mailto:sysadmins@lists.altlinux.org>
List-Help: <mailto:sysadmins-request@lists.altlinux.org?subject=help>
List-Subscribe: <https://lists.altlinux.org/mailman/listinfo/sysadmins>,
	<mailto:sysadmins-request@lists.altlinux.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Oct 2007 11:20:49 -0000
Archived-At: <http://lore.altlinux.org/sysadmins/200710151720.05056.sendmeforever@mail.ru/>
List-Archive: <http://lore.altlinux.org/sysadmins/>

=F7 =D3=CF=CF=C2=DD=C5=CE=C9=C9 =CF=D4 =F0=CF=CE=C5=C4=C5=CC=D8=CE=C9=CB 15=
 =CF=CB=D4=D1=C2=D2=D1 2007 Oleg Dolgov =CE=C1=D0=C9=D3=C1=CC(a):
> =FA=C4=D2=C1=D7=D3=D4=D7=D5=CA=D4=C5.
>
> =F0=C5=D2=C5=CB=CF=DE=C5=D7=C1=CC =D4=D5=D4 =CE=C1 =EF=E7=EF! =CF=D4 =F5=
=CB=D2=D4=C5=CC=C5=CB=CF=CD=C1. =F0=C5=D2=C5=D5=D3=D4=C1=CE=CF=D7=C9=CC =D3=
=C5=D2=D7=C5=D2. =F0=CF=D3=D4=C1=D7=C9=CC
> 4.0
> =F4=C5=D0=C5=D2=D8 =DA=C1=D4=D9=CB =D3 =D0=CF=DE=D4=CF=CA. =EE=C9=CD=CF=
=C7=D5 =CE=C9=CB=C1=CB =D2=C1=D3=DE=C5=C8=CC=C9=D4=D8 postfix.
> =F7=D2=CF=C4=C5 =D7=D3=C5 =D7=CF=D3=D3=D4=C1=CE=CF=D7=C9=CC =C9=DA =C2=DC=
=CB=C1=D0=C1 (=D0=CF=D3=CC=C5 =ED=C1=D3=D4=C5=D2=C1 2.4), =D0=CF=C4=D0=D2=
=C1=D7=C9=CC =CE=C1 =DE=D4=CF
> =D2=D5=C7=C1=CC=D3=D1, =CE=CF =D7=CF=D4 =D4=C5=D0=C5=D2=D8 =CE=C9=DA=C1=
=C4=C1=DE=C1:
>
> defer_transports =3D smtp
> relayhost =3D smtp =D3=C5=D2=D7=C5=D2, =D4=D2=C5=C2=D5=C0=DD=C9=CA =C1=D7=
=D4=CF=D2=C9=DA=C1=C3=C9=C0.
>
> =CB=C1=CB =C9 =CB=D5=C4=C1 =C5=C5 =D0=D2=CF=D0=C9=D3=C1=D4=D8, =C4=C1=C2=
=D9 =D0=CF=D3=D4=C6=C9=CB=D3 =CE=CF=D2=CD=C1=CC=D8=CE=CF =D7=D9=D4=C1=CC=CB=
=C9=D7=C1=CC =D0=CF=DE=D4=D5 =C9=DA
> =CF=C6=C9=D3=C1?
>
> =FA=C1=D2=C1=CE=C5=C5 =C2=CC=C1=C7=CF=C4=C1=D2=C5=CE.

=EC=C5=CE=D8 "=D7=D9=D6=C9=CD=C1=D4=D8", =C3=C9=D4=C9=D2=D5=C0 =D0=CF=CC=CE=
=CF=D3=D4=D8=C0 :) :

12.5 SMTP Client Authentication
You may want your Postfix server to relay through other servers that requir=
e=20
SMTP authentication. In addition to requiring passwords on your own server,=
=20
you can configure Postfix to provide login names and passwords when relayin=
g=20
mail through other SMTP servers.
You have to provide Postfix with a password file that contains the credenti=
als=20
it should use when authenticating to other servers. Entries in the password=
=20
file contain a domain or hostname, username, and password in the form: doma=
in=20
username:password. For the domain or hostname, Postfix first checks for the=
=20
destination domain from the recipient address. If it doesn't find the domai=
n,=20
it then checks for the hostname it is connecting to. This allows Postfix to=
=20
work easily with sites that have multiple MX hosts that share the same user=
=20
database. Use smtp_sasl_password_maps parameter to specify where your=20
password file is.
The client smtp_sasl_security_options parameter works just like server=20
smtpd_sasl_security_options (discussed earlier in the chapter) for the SMTP=
=20
servers. If you don't specify any options, the default allows all available=
=20
mechanisms including plaintext but not anonymous logins.
=20
12.5.1 Procedure to Enable SMTP Client Authentication
Use the following steps to configure Postfix to provide a login and passwor=
d=20
when relaying mail. In this example, you'll set up two different passwords=
=20
for Postfix to authenticate when relaying through any server for the domain=
=20
ora.com and through a host called mail.postfix.org:
Create a file called /etc/postfix/sasl_passwd with entries for each host,=20
login, and password combination you need. Your file should resemble the=20
following:
ora.com                 kdent:Rumpelstiltskin
mail.postfix.org        kyle:quixote
Execute postmap on the file:
# postmap /etc/postfix/sasl_passwd
Edit main.cf to turn on client authentication. Notice that you are now sett=
ing=20
smtp_sasl_auth_enable instead of smtpd_sasl_auth_enable as you did to turn =
on=20
authentication at the server. You must also set smtp_sasl_password_maps to=
=20
point to the password file you created:
smtp_sasl_auth_enable =3D yes
smtp_sasl_password_maps =3D hash:/etc/postfix/sasl_passwd
Reload Postfix so that it recognizes the changes in its main.cf configurati=
on=20
file:
# postfix reload
=20
Now, when the Postfix SMTP client attempts to relay messages through any of=
=20
the domains or hosts listed in /etc/postfix/sasl_passwd, it will offer the=
=20
corresponding authentication credentials. For example, if your Postfix smtp=
=20
client connects to the server mail.ora.com, it authenticates with the=20
username kdent and the password Rumpelstiltskin.

=2D-=20
=F3 =D5=D7=C1=D6=C5=CE=C9=C5=CD,
=F3=D4=C1=D2=CF=C4=D5=CD=CF=D7 =E9=CC=D8=D1