Hello,
I have been going through various docs on the net about sasl authentication in postfix. In the system that I have set up at a client's place, mails are going fine but there is a small issue that needs to be corrected. The setup is a group of machines on LAN running Outlook Express mail clients and a Linux box running postfix pushing all mails to the main ISP's smtp server. Since It is a relay server, I have used the parameter relayhost = [smtp_of_ISP]:25 in the main.cf file. The sasl auth is using smtp_auth_enable and not smtpd_auth_enable and the user names/passwords are listed in the /etc/postfix/sasl_password file. The only *smtpd* related entry is smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfix/recipient_access, reject.
Mails are going as required and only to those in the recipient_access list as required. Now if an employee has left and his/her entries are removed from the postfix box as well as the ISP server mail accounts, the Outlook Express mailer can still send mails as that non-existent user. What I found through more reading of docs is that my OE accounts can send mails even without authentication as I don't have smtpd_auth_enable and the LAN is in my mynetworks parameter. Not a big problem as it is local and under control and the OE account can be deleted for that user. However, why is the ISP allowing this unknown user which postfix is relaying when I have everything set in the smtp_auth_ part of postfix? Suppose there is a flaw in my settings, shouldn't the ISP's mail server reject those mails when the username and password do not match with their list? That user has been deleted from their server.