Renamed: en_US/howto/1-enable.insecure.smtp.md -> en_US/howto/1-enable.smtp.auth.on.port.25.md.
This commit is contained in:
parent
3ea132a3d7
commit
b037e2bf5c
|
@ -1,4 +1,4 @@
|
|||
# Enable insecure SMTP service on port 25
|
||||
# Enable SMTP SASL AUTH on port 25
|
||||
|
||||
Since iRedMail-0.9.5, SMTP auth on port 25 is disabled by default, all end
|
||||
users are forced to send email through port 587 (SMTP over TLS). If you need
|
||||
|
@ -38,4 +38,10 @@ smtpd_tls_security_level = may
|
|||
|
||||
* Restart or reload Postfix service.
|
||||
|
||||
!!! warning
|
||||
|
||||
With `smtpd_tls_auth_only = yes`, it requires clients to enable STARTTLS
|
||||
for secure connection, if you don't want this for some reason, please
|
||||
comment it out.
|
||||
|
||||
That's all.
|
|
@ -332,55 +332,9 @@ Open Amavisd config file `amavisd.conf`, add below lines in BEFORE the last line
|
|||
* on OpenBSD: it's `/etc/amavisd.conf`.
|
||||
|
||||
```
|
||||
# Custom short log template (at log_level 0), add SpamAssassin testing result (Tests: [xxx])
|
||||
#
|
||||
# Note: You can find the original log template at the bottom of
|
||||
# /usr/sbin/amavisd-new.
|
||||
$log_templ = '
|
||||
[?%#D|#|Passed #
|
||||
[? [:ccat|major] |#
|
||||
OTHER|CLEAN|MTA-BLOCKED|OVERSIZED|BAD-HEADER-[:ccat|minor]|SPAMMY|SPAM|\
|
||||
UNCHECKED[?[:ccat|minor]||-ENCRYPTED|]|BANNED (%F)|INFECTED (%V)]#
|
||||
{[:actions_performed]}#
|
||||
,[?%p|| %p][?%a||[?%l|| LOCAL] [:client_addr_port]][?%e|| \[%e\]] [:mail_addr_decode_octets|%s] -> [%D|[:mail_addr_decode_octets|%D]|,]#
|
||||
[? %q ||, quarantine: %q]#
|
||||
[? %Q ||, Queue-ID: %Q]#
|
||||
[? %m ||, Message-ID: [:mail_addr_decode_octets|%m]]#
|
||||
[? %r ||, Resent-Message-ID: [:mail_addr_decode_octets|%r]]#
|
||||
[? %i ||, mail_id: %i]#
|
||||
, Hits: [:SCORE]#
|
||||
, size: %z#
|
||||
[? [:partition_tag] ||, pt: [:partition_tag]]#
|
||||
[~[:remote_mta_smtp_response]|["^$"]||[", queued_as: "]]\
|
||||
[remote_mta_smtp_response|[~%x|["queued as ([0-9A-Za-z]+)$"]|["%1"]|["%0"]]|/]#
|
||||
#, Subject: [:dquote|[:mime2utf8|[:header_field_octets|Subject]|100|1]]#
|
||||
#, From: [:uquote|[:mail_addr_decode_octets|[:rfc2822_from]]]#
|
||||
[? [:dkim|sig_sd] ||, dkim_sd=[:dkim|sig_sd]]#
|
||||
[? [:dkim|newsig_sd] ||, dkim_new=[:dkim|newsig_sd]]#
|
||||
, %y ms#
|
||||
[? %#T ||, Tests: \[[%T|,]\]]#
|
||||
]
|
||||
[?%#O|#|Blocked #
|
||||
[? [:ccat|major|blocking] |#
|
||||
OTHER|CLEAN|MTA-BLOCKED|OVERSIZED|BAD-HEADER-[:ccat|minor]|SPAMMY|SPAM|\
|
||||
UNCHECKED[?[:ccat|minor]||-ENCRYPTED|]|BANNED (%F)|INFECTED (%V)]#
|
||||
{[:actions_performed]}#
|
||||
,[?%p|| %p][?%a||[?%l|| LOCAL] [:client_addr_port]][?%e|| \[%e\]] [:mail_addr_decode_octets|%s] -> [%O|[:mail_addr_decode_octets|%O]|,]#
|
||||
[? %q ||, quarantine: %q]#
|
||||
[? %Q ||, Queue-ID: %Q]#
|
||||
[? %m ||, Message-ID: [:mail_addr_decode_octets|%m]]#
|
||||
[? %r ||, Resent-Message-ID: [:mail_addr_decode_octets|%r]]#
|
||||
[? %i ||, mail_id: %i]#
|
||||
, Hits: [:SCORE]#
|
||||
, size: %z#
|
||||
[? [:partition_tag] ||, pt: [:partition_tag]]#
|
||||
#, Subject: [:dquote|[:mime2utf8|[:header_field_octets|Subject]|100|1]]#
|
||||
#, From: [:uquote|[:mail_addr_decode_octets|[:rfc2822_from]]]#
|
||||
[? [:dkim|sig_sd] ||, dkim_sd=[:dkim|sig_sd]]#
|
||||
[? [:dkim|newsig_sd] ||, dkim_new=[:dkim|newsig_sd]]#
|
||||
, %y ms#
|
||||
[? %#T ||, Tests: \[[%T|,]\]]#
|
||||
]';
|
||||
# Always log verbose info of processed mail, including subject, SpamAssassin
|
||||
# testing results, etc, useful for troubleshooting..
|
||||
$log_templ = $log_verbose_templ;
|
||||
```
|
||||
|
||||
Restarting Amavisd service is required.
|
||||
|
|
|
@ -15,11 +15,7 @@
|
|||
/>
|
||||
<span>iRedMail</span>
|
||||
</a>
|
||||
// <a href="./index.html">Document Index</a></div><div class="admonition note">
|
||||
<p class="admonition-title">This tutorial is available in other languages</p>
|
||||
<p><a href="./enable.insecure.smtp.html">English</a> /</p>
|
||||
</div>
|
||||
<h1 id="abilitare-servizio-non-protetto-smtp-su-porta-25">Abilitare servizio non protetto SMTP su porta 25</h1>
|
||||
// <a href="./index.html">Document Index</a></div><h1 id="abilitare-servizio-non-protetto-smtp-su-porta-25">Abilitare servizio non protetto SMTP su porta 25</h1>
|
||||
<p>Sin dalla versione 0.9.5 di iRedMail, l'autenticazione su porta 25 è disabilitata per default, tutti gli utenti sono costretti a mandare email attraverso la posta 587 (SMTP over TLS). Se avete la necessità di abilitare l'autenticazione insicura sulla porta 25, per qualsivoglia motivo, seguite i passi sotto elencati per abilitarla.</p>
|
||||
<div class="admonition nota">
|
||||
<p class="admonition-title">Nota</p>
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
<html>
|
||||
<head>
|
||||
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
||||
<title>Enable insecure SMTP service on port 25</title>
|
||||
<title>Enable SMTP SASL AUTH on port 25</title>
|
||||
<link rel="stylesheet" type="text/css" href="./css/markdown.css" />
|
||||
</head>
|
||||
<body>
|
||||
|
@ -19,7 +19,7 @@
|
|||
<p class="admonition-title">This tutorial is available in other languages</p>
|
||||
<p><a href="./enable.insecure.smtp-it_IT.html">Italiano</a> /</p>
|
||||
</div>
|
||||
<h1 id="enable-insecure-smtp-service-on-port-25">Enable insecure SMTP service on port 25</h1>
|
||||
<h1 id="enable-smtp-sasl-auth-on-port-25">Enable SMTP SASL AUTH on port 25</h1>
|
||||
<p>Since iRedMail-0.9.5, SMTP auth on port 25 is disabled by default, all end
|
||||
users are forced to send email through port 587 (SMTP over TLS). If you need
|
||||
to allow insecure SMTP auth on port 25 for some reason, please follow steps
|
||||
|
@ -58,6 +58,12 @@ smtpd_tls_security_level = may
|
|||
<ul>
|
||||
<li>Restart or reload Postfix service.</li>
|
||||
</ul>
|
||||
<div class="admonition warning">
|
||||
<p class="admonition-title">Warning</p>
|
||||
<p>With <code>smtpd_tls_auth_only = yes</code>, it requires clients to enable STARTTLS
|
||||
for secure connection, if you don't want this for some reason, please
|
||||
comment it out.</p>
|
||||
</div>
|
||||
<p>That's all.</p><div class="footer">
|
||||
<p style="text-align: center; color: grey;">All documents are available in <a href="https://bitbucket.org/zhb/iredmail-docs/src">BitBucket repository</a>, and published under <a href="http://creativecommons.org/licenses/by-nd/3.0/us/" target="_blank">Creative Commons</a> license. You can <a href="https://bitbucket.org/zhb/iredmail-docs/get/tip.tar.bz2">download the latest version</a> for offline reading. If you found something wrong, please do <a href="http://www.iredmail.org/contact.html">contact us</a> to fix it.</p>
|
||||
</div>
|
||||
|
|
|
@ -0,0 +1,66 @@
|
|||
<!DOCTYPE html>
|
||||
<html>
|
||||
<head>
|
||||
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
||||
<title>Abilitare servizio non protetto SMTP su porta 25</title>
|
||||
<link rel="stylesheet" type="text/css" href="./css/markdown.css" />
|
||||
</head>
|
||||
<body>
|
||||
|
||||
<div id="navigation">
|
||||
<a href="/index.html" target="_blank">
|
||||
<img alt="iRedMail web site"
|
||||
src="./images/logo-iredmail.png"
|
||||
style="vertical-align: middle; height: 30px;"
|
||||
/>
|
||||
<span>iRedMail</span>
|
||||
</a>
|
||||
// <a href="./index.html">Document Index</a></div><div class="admonition note">
|
||||
<p class="admonition-title">This tutorial is available in other languages</p>
|
||||
<p><a href="./enable.smtp.auth.on.port.25.html">English</a> /</p>
|
||||
</div>
|
||||
<h1 id="abilitare-servizio-non-protetto-smtp-su-porta-25">Abilitare servizio non protetto SMTP su porta 25</h1>
|
||||
<p>Sin dalla versione 0.9.5 di iRedMail, l'autenticazione su porta 25 è disabilitata per default, tutti gli utenti sono costretti a mandare email attraverso la posta 587 (SMTP over TLS). Se avete la necessità di abilitare l'autenticazione insicura sulla porta 25, per qualsivoglia motivo, seguite i passi sotto elencati per abilitarla.</p>
|
||||
<div class="admonition nota">
|
||||
<p class="admonition-title">Nota</p>
|
||||
</div>
|
||||
<p>Se avete la necessita di far usare solo ad un piccolo numero di utenti la porta 25m per esempio una stampante di rete o vecchi apparati di rete che non sopportano connessioni sicure, potete invece provare questo altro tutorial: <a href="./additional.smtp.port.html">Abilitare apparati interni di rete a mandare mail su connessione insicura</a></p>
|
||||
<ul>
|
||||
<li>Trovate le configurazioni commentate, mostrate qui sotto, nel file di configurazione di Postfix <code>/etc/postfix/main.cf</code> (linux/OpenBDS) oppure <code>/usr/local/etc/postfix/main.cf</code> per FreeBSD:</li>
|
||||
</ul>
|
||||
<pre><code>#
|
||||
# Enable SASL authentication on port 25 and force TLS-encrypted SASL authentication.
|
||||
# WARNING: NOT RECOMMENDED to enable smtp auth on port 25, all end users should
|
||||
# be forced to submit email through port 587 instead.
|
||||
#
|
||||
#smtpd_sasl_auth_enable = yes
|
||||
#smtpd_tls_auth_only = yes
|
||||
#smtpd_sasl_security_options = noanonymous
|
||||
#smtpd_tls_security_level = may
|
||||
</code></pre>
|
||||
|
||||
<ul>
|
||||
<li>decommentate le ultime 4 righe:</li>
|
||||
</ul>
|
||||
<pre><code>smtpd_sasl_auth_enable = yes
|
||||
smtpd_tls_auth_only = yes
|
||||
smtpd_sasl_security_options = noanonymous
|
||||
smtpd_tls_security_level = may
|
||||
</code></pre>
|
||||
|
||||
<ul>
|
||||
<li>Riavvia o ricarica il servizio Postfix</li>
|
||||
</ul>
|
||||
<p>Questo è tutto.</p><div class="footer">
|
||||
<p style="text-align: center; color: grey;">All documents are available in <a href="https://bitbucket.org/zhb/iredmail-docs/src">BitBucket repository</a>, and published under <a href="http://creativecommons.org/licenses/by-nd/3.0/us/" target="_blank">Creative Commons</a> license. You can <a href="https://bitbucket.org/zhb/iredmail-docs/get/tip.tar.bz2">download the latest version</a> for offline reading. If you found something wrong, please do <a href="http://www.iredmail.org/contact.html">contact us</a> to fix it.</p>
|
||||
</div>
|
||||
<script type="text/javascript">
|
||||
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
|
||||
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
|
||||
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
|
||||
})(window,document,'script','//www.google-analytics.com/analytics.js','ga');
|
||||
|
||||
ga('create', 'UA-3293801-21', 'auto');
|
||||
ga('send', 'pageview');
|
||||
</script>
|
||||
</body></html>
|
|
@ -0,0 +1,79 @@
|
|||
<!DOCTYPE html>
|
||||
<html>
|
||||
<head>
|
||||
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
||||
<title>Enable SMTP SASL AUTH on port 25</title>
|
||||
<link rel="stylesheet" type="text/css" href="./css/markdown.css" />
|
||||
</head>
|
||||
<body>
|
||||
|
||||
<div id="navigation">
|
||||
<a href="/index.html" target="_blank">
|
||||
<img alt="iRedMail web site"
|
||||
src="./images/logo-iredmail.png"
|
||||
style="vertical-align: middle; height: 30px;"
|
||||
/>
|
||||
<span>iRedMail</span>
|
||||
</a>
|
||||
// <a href="./index.html">Document Index</a></div><div class="admonition note">
|
||||
<p class="admonition-title">This tutorial is available in other languages</p>
|
||||
<p><a href="./enable.smtp.auth.on.port.25-it_IT.html">Italiano</a> /</p>
|
||||
</div>
|
||||
<h1 id="enable-smtp-sasl-auth-on-port-25">Enable SMTP SASL AUTH on port 25</h1>
|
||||
<p>Since iRedMail-0.9.5, SMTP auth on port 25 is disabled by default, all end
|
||||
users are forced to send email through port 587 (SMTP over TLS). If you need
|
||||
to allow insecure SMTP auth on port 25 for some reason, please follow steps
|
||||
below to enable it.</p>
|
||||
<div class="admonition note">
|
||||
<p class="admonition-title">Note</p>
|
||||
<p>If you have just few clients need to send email through port 25, e.g.
|
||||
network printer, old network devices which don't support secure
|
||||
connection, you may try another tutorial instead:
|
||||
<a href="./additional.smtp.port.html">Allow internal network devices to send email with insecure connection</a></p>
|
||||
</div>
|
||||
<ul>
|
||||
<li>Find comment out settings in Postfix config file <code>/etc/postfix/main.cf</code>
|
||||
(Linux/OpenBSD) or <code>/usr/local/etc/postfix/main.cf</code> (FreeBSD):</li>
|
||||
</ul>
|
||||
<pre><code>#
|
||||
# Enable SASL authentication on port 25 and force TLS-encrypted SASL authentication.
|
||||
# WARNING: NOT RECOMMENDED to enable smtp auth on port 25, all end users should
|
||||
# be forced to submit email through port 587 instead.
|
||||
#
|
||||
#smtpd_sasl_auth_enable = yes
|
||||
#smtpd_tls_auth_only = yes
|
||||
#smtpd_sasl_security_options = noanonymous
|
||||
#smtpd_tls_security_level = may
|
||||
</code></pre>
|
||||
|
||||
<ul>
|
||||
<li>uncomment the last 4 lines:</li>
|
||||
</ul>
|
||||
<pre><code>smtpd_sasl_auth_enable = yes
|
||||
smtpd_tls_auth_only = yes
|
||||
smtpd_sasl_security_options = noanonymous
|
||||
smtpd_tls_security_level = may
|
||||
</code></pre>
|
||||
|
||||
<ul>
|
||||
<li>Restart or reload Postfix service.</li>
|
||||
</ul>
|
||||
<div class="admonition warning">
|
||||
<p class="admonition-title">Warning</p>
|
||||
<p>With <code>smtpd_tls_auth_only = yes</code>, it requires clients to enable STARTTLS
|
||||
for secure connection, if you don't want this for some reason, please
|
||||
comment it out.</p>
|
||||
</div>
|
||||
<p>That's all.</p><div class="footer">
|
||||
<p style="text-align: center; color: grey;">All documents are available in <a href="https://bitbucket.org/zhb/iredmail-docs/src">BitBucket repository</a>, and published under <a href="http://creativecommons.org/licenses/by-nd/3.0/us/" target="_blank">Creative Commons</a> license. You can <a href="https://bitbucket.org/zhb/iredmail-docs/get/tip.tar.bz2">download the latest version</a> for offline reading. If you found something wrong, please do <a href="http://www.iredmail.org/contact.html">contact us</a> to fix it.</p>
|
||||
</div>
|
||||
<script type="text/javascript">
|
||||
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
|
||||
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
|
||||
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
|
||||
})(window,document,'script','//www.google-analytics.com/analytics.js','ga');
|
||||
|
||||
ga('create', 'UA-3293801-21', 'auto');
|
||||
ga('send', 'pageview');
|
||||
</script>
|
||||
</body></html>
|
|
@ -85,7 +85,7 @@
|
|||
<li><a href="allow.certain.users.to.send.email.as.different.user.html">Allow certain users to send email as another user</a></li>
|
||||
<li><a href="change.mail.attachment.size.html">Change mail attachment size</a></li>
|
||||
<li><a href="completely.disable.amavisd.clamav.spamassassin.html">Completely disable Amavisd + ClamAV + SpamAssassin</a></li>
|
||||
<li><a href="enable.insecure.smtp.html">Enable insecure SMTP service on port 25</a></li>
|
||||
<li><a href="enable.smtp.auth.on.port.25.html">Enable SMTP SASL AUTH on port 25</a></li>
|
||||
<li><a href="enable.smtps.html">Enable SMTPS service (SMTP over SSL, port 465)</a></li>
|
||||
<li><a href="disable.spam.virus.scanning.for.outgoing.mails.html">Disable spam virus scanning for outgoing mails</a></li>
|
||||
<li><a href="no.x-spam.headers.html">Amavisd + SpamAssassin not working? no mail header (X-Spam-*) inserted</a></li>
|
||||
|
|
|
@ -376,55 +376,9 @@ log_level 0.</p>
|
|||
<li>on FreeBSD: it's <code>/usr/local/etc/amavisd.conf</code>.</li>
|
||||
<li>on OpenBSD: it's <code>/etc/amavisd.conf</code>.</li>
|
||||
</ul>
|
||||
<pre><code># Custom short log template (at log_level 0), add SpamAssassin testing result (Tests: [xxx])
|
||||
#
|
||||
# Note: You can find the original log template at the bottom of
|
||||
# /usr/sbin/amavisd-new.
|
||||
$log_templ = '
|
||||
[?%#D|#|Passed #
|
||||
[? [:ccat|major] |#
|
||||
OTHER|CLEAN|MTA-BLOCKED|OVERSIZED|BAD-HEADER-[:ccat|minor]|SPAMMY|SPAM|\
|
||||
UNCHECKED[?[:ccat|minor]||-ENCRYPTED|]|BANNED (%F)|INFECTED (%V)]#
|
||||
{[:actions_performed]}#
|
||||
,[?%p|| %p][?%a||[?%l|| LOCAL] [:client_addr_port]][?%e|| \[%e\]] [:mail_addr_decode_octets|%s] -> [%D|[:mail_addr_decode_octets|%D]|,]#
|
||||
[? %q ||, quarantine: %q]#
|
||||
[? %Q ||, Queue-ID: %Q]#
|
||||
[? %m ||, Message-ID: [:mail_addr_decode_octets|%m]]#
|
||||
[? %r ||, Resent-Message-ID: [:mail_addr_decode_octets|%r]]#
|
||||
[? %i ||, mail_id: %i]#
|
||||
, Hits: [:SCORE]#
|
||||
, size: %z#
|
||||
[? [:partition_tag] ||, pt: [:partition_tag]]#
|
||||
[~[:remote_mta_smtp_response]|["^$"]||[", queued_as: "]]\
|
||||
[remote_mta_smtp_response|[~%x|["queued as ([0-9A-Za-z]+)$"]|["%1"]|["%0"]]|/]#
|
||||
#, Subject: [:dquote|[:mime2utf8|[:header_field_octets|Subject]|100|1]]#
|
||||
#, From: [:uquote|[:mail_addr_decode_octets|[:rfc2822_from]]]#
|
||||
[? [:dkim|sig_sd] ||, dkim_sd=[:dkim|sig_sd]]#
|
||||
[? [:dkim|newsig_sd] ||, dkim_new=[:dkim|newsig_sd]]#
|
||||
, %y ms#
|
||||
[? %#T ||, Tests: \[[%T|,]\]]#
|
||||
]
|
||||
[?%#O|#|Blocked #
|
||||
[? [:ccat|major|blocking] |#
|
||||
OTHER|CLEAN|MTA-BLOCKED|OVERSIZED|BAD-HEADER-[:ccat|minor]|SPAMMY|SPAM|\
|
||||
UNCHECKED[?[:ccat|minor]||-ENCRYPTED|]|BANNED (%F)|INFECTED (%V)]#
|
||||
{[:actions_performed]}#
|
||||
,[?%p|| %p][?%a||[?%l|| LOCAL] [:client_addr_port]][?%e|| \[%e\]] [:mail_addr_decode_octets|%s] -> [%O|[:mail_addr_decode_octets|%O]|,]#
|
||||
[? %q ||, quarantine: %q]#
|
||||
[? %Q ||, Queue-ID: %Q]#
|
||||
[? %m ||, Message-ID: [:mail_addr_decode_octets|%m]]#
|
||||
[? %r ||, Resent-Message-ID: [:mail_addr_decode_octets|%r]]#
|
||||
[? %i ||, mail_id: %i]#
|
||||
, Hits: [:SCORE]#
|
||||
, size: %z#
|
||||
[? [:partition_tag] ||, pt: [:partition_tag]]#
|
||||
#, Subject: [:dquote|[:mime2utf8|[:header_field_octets|Subject]|100|1]]#
|
||||
#, From: [:uquote|[:mail_addr_decode_octets|[:rfc2822_from]]]#
|
||||
[? [:dkim|sig_sd] ||, dkim_sd=[:dkim|sig_sd]]#
|
||||
[? [:dkim|newsig_sd] ||, dkim_new=[:dkim|newsig_sd]]#
|
||||
, %y ms#
|
||||
[? %#T ||, Tests: \[[%T|,]\]]#
|
||||
]';
|
||||
<pre><code># Always log verbose info of processed mail, including subject, SpamAssassin
|
||||
# testing results, etc, useful for troubleshooting..
|
||||
$log_templ = $log_verbose_templ;
|
||||
</code></pre>
|
||||
|
||||
<p>Restarting Amavisd service is required.</p>
|
||||
|
|
Loading…
Reference in New Issue