I have setup a sendgrid relayhost on my postfix server.
This works perfectly when sending mails via sendmail:
May 24 16:21:13 ip-*-*-*-* postfix/smtp[17742]: 542D01CDF:
to=<mail@externaladdress.com>, relay=smtp.sendgrid.net[5.153.47.203]:587,
delay=2, delays=0.04/0.02/1.5/0.47, dsn=2.0.0, status=sent
(250 Delivery in progress)
but when I try to send via port 587 and authenticating:
May 24 16:34:03 ip-*-*-*-* postfix/error[18081]:
46A711CDE: to=<mail@externaladdress.com>, relay=none,
delay=0.61, delays=0.59/0/0/0.01, dsn=4.7.4, status=deferred
(delivery temporarily suspended: TLS is required, but was not offered
by host 127.0.0.1[127.0.0.1])
Relevant config:
postconf -n | grep relayhost
relayhost = [smtp.sendgrid.net]:587
# master.cf port 587
submission inet n - - - - smtpd
-o syslog_name=postfix/submission
# -o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
# -o smtpd_reject_unlisted_recipient=no
# -o smtpd_client_restrictions=$mua_client_restrictions
# -o smtpd_helo_restrictions=$mua_helo_restrictions
# -o smtpd_sender_restrictions=$mua_sender_restrictions
# -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
# http://flurdy.com/docs/postfix/#config-secure-crypt
# if you do not want to restrict it encryption only, comment out next line
-o smtpd_tls_auth_only=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject_unauth_destination,reject
-o smtpd_sasl_security_options=noanonymous,noplaintext
-o smtpd_sasl_tls_security_options=noanonymous
I have no transport file overriding anything, yet sending to the same "to" recipient yields a different relayhost depending on me using sendmail or authenticating via SASL on port 587.
Everything works perfectly while connected to port 587, and postfix replies with a "ok, sending", but it just uses a different relay.
How can I make sure that every mail that doesn't have to be delivered locally is sent via relay?
