I tried to echo it another way (echo -ne '\user\passwd' | base64 ) and then auth plain string and it works
Now im getting new errrors :/ or i think i have misconfigured match, i cant send to external addresses, log: http://dpaste.com/2M8JMQC.txt On January 14, 2019 1:10:24 PM GMT+01:00, Gilles Chehade <gil...@poolp.org> wrote: >On Mon, Jan 14, 2019 at 01:03:19PM +0100, Flipchan wrote: >> Seems like it adds "\^J" to the username , i base64 encode it using: >> echo "user" | base64 >> >> Log from smtpd -dv -T smtp : >> http://dpaste.com/0CAVJFF.txt >> > >honestly, i'm confused by what you're doing > >can you setup a temporary account, with a temporary password, >authenticate to it >using a regular MUA (whichever you want, just don't auth manually), >then trash >the account and send us logs that aren't doctored ? > > > >> On January 14, 2019 9:41:42 AM GMT+01:00, Gilles Chehade ><gil...@poolp.org> wrote: >> >On Sat, Jan 12, 2019 at 05:36:11PM +0100, Flipchan wrote: >> >> Hey, am tryin to upgrade my opensmtpd >> >> email server running on openbsd 6.3 towards a new one on 6.4, >> >> i have used a simple config with the new syntax: >> >> cat /etc/mail/smtpd.conf >> >> >> >> table aliases file:/etc/mail/aliases >> >> >> >> #table other-relays file:/etc/mail/other-relays >> >> >> >> pki mail.example.com cert "/etc/ssl/mail.example.com.crt" >> >> pki mail.example.com key "/etc/ssl/private/mail.example.com.key" >> >> >> >> listen on lo0 >> >> listen on vio0 port 587 hostname example.com tls-require pki >> >mail.example.com auth mask-source >> >> listen on vio0 port 25 hostname example.com tls pki >mail.example.com >> >> >> >> action "mbox" mbox alias <aliases> >> >> action "relay" relay >> >> >> >> match for local action "mbox" >> >> match for any action "relay" >> >> match from any for domain example.com action "mbox" >> >> >> >> >> >> i cant login with a users regular username and passwd which is >weird. >> > >> >> In the documentation it says that it is suppose to take regular >user >> >creds if not a table is defined which it is not. >> >> https://man.openbsd.org/smtpd.conf#listen_on >> >> >> >> "Users are authenticated against either their own normal login >> >credentials or a credentials table authtable, the format of which is >> >described in table(5)." >> >> >> >> Does anyone know what im doing wrong here? >> >> >> >> maillog: >> >> Jan 12 16:47:49 host smtpd[95842]: XXXXXXXXXXXXXXX smtp connected >> >address=ip host=ip Jan 12 16:47:49 host >> >> smtpd[95842]: XXXXXXXXXXXXXXX smtp starttls address=ip host=ip >> >ciphers="version=TLSv1.2, cipher=ECDHE-RSA-AES256-GCM-SHA384, >bits=256" >> >Jan 12 16:47:49 host >> >> smtpd[95842]: XXXXXXXXXXXXXXX smtp authentication user=user >> >address=ip host=ip result=permfail Jan 12 16:47:49 host >> >> smtpd[95842]: XXXXXXXXXXXXXXX smtp failed-command address=ip >host=ip >> >command="AUTH PLAIN (...)" result="535 Authentication failed" Jan 12 >> >16:47:49 host >> >> smtpd[95842]: XXXXXXXXXXXXXXX smtp authentication user=user >> >address=ip host=ip result=permfail Jan 12 16:47:50 host >> >> smtpd[95842]: XXXXXXXXXXXXXXX smtp failed-command address=ip >host=ip >> >command="AUTH LOGIN (password)" result="535 Authentication failed" >> >> >> > >> >Hi, >> > >> >First of all, it should read mask-src and not mask-source, otherwise >> >the >> >auth keyword is assuming a table containing literal string >> >"mask-source" >> >and this will cause authentication to fail. >> > >> >A good method to troubleshoot, is to run smtpd in trace mode: >> > >> > smtpd -dv -T smtp >> > >> >create a test user with a temporary password, so you can share the >> >trace >> >output here and we can try to figure out what's wrong ... but likely >> >the >> >mask-source issue is the cause here. >> > >> > >> >-- >> >Gilles Chehade @poolpOrg >> > >> >https://www.poolp.org tip me: >> >https://paypal.me/poolpOrg >> >> -- >> Sent from my Android device with K-9 Mail. Please excuse my brevity. > >-- >Gilles Chehade @poolpOrg > >https://www.poolp.org tip me: >https://paypal.me/poolpOrg -- Sent from my Android device with K-9 Mail. Please excuse my brevity.
