fixed conflicting edits for smtpd_sasl_auth_enable

setup/mail-postfix.sh

@@ -201,11 +201,6 @@ tools/editconf.py /etc/postfix/main.cf \
 	smtpd_sender_restrictions="permit_mynetworks,reject_non_fqdn_sender,reject_unknown_sender_domain,reject_sender_login_mismatch,reject_rhsbl_sender dbl.spamhaus.org" \
 	smtpd_recipient_restrictions=permit_sasl_authenticated,permit_mynetworks,"reject_rbl_client zen.spamhaus.org",reject_unlisted_recipient,"check_policy_service inet:127.0.0.1:10023"
 
-# There was a change from Ubuntu 14.04 to 18.04 with how postfix handles SASL checks.
-# smtpd_sasl_auth_enable=yes must be set for reject_sender_login_mismatch
-
-tools/editconf.py /etc/postfix/main.cf smtpd_sasl_auth_enable=yes
-
 # Postfix connects to Postgrey on the 127.0.0.1 interface specifically. Ensure that
 # Postgrey listens on the same interface (and not IPv6, for instance).
 # A lot of legit mail servers try to resend before 300 seconds.

setup/mail-users.sh

@@ -65,15 +65,13 @@ service auth {
 }
 EOF
 
-# And have Postfix use that service. We *disable* it here
-# so that authentication is not permitted on port 25 (which
-# does not run DKIM on relayed mail, so outbound mail isn't
-# correct, see #830), but we enable it specifically for the
-# submission port.
+# And have Postfix use that service.
+# Starting with Ubuntu Bionic, smtpd_sasl_auth_enable=yes is required
+# for certain main.cf options to function.
 tools/editconf.py /etc/postfix/main.cf \
 	smtpd_sasl_type=dovecot \
 	smtpd_sasl_path=private/auth \
-	smtpd_sasl_auth_enable=no
+	smtpd_sasl_auth_enable=yes
 
 # ### Sender Validation