Dear I don't understand why but i think that Postfix did want to send the authentication request in the SMTP protocol. In this case , the client (thunderbird) cannot send authentication parameters trough Internet. When executing saslfinger, there is not information in the -- mechanisms on localhost -- i think that perhaps this is the problem.
How can i resolve this situation ? it's like a ghost inside the server ??? Many thanks Output debug log Jan 23 15:09:23 mx1 postfix/smtpd[25192]: >>> START Sender address RESTRICTIONS <<< Jan 23 15:09:23 mx1 postfix/smtpd[25192]: generic_checks: name=permit_sasl_authenticated Jan 23 15:09:23 mx1 postfix/smtpd[25192]: generic_checks: name=permit_sasl_authenticated status=0 Jan 23 15:09:23 mx1 postfix/smtpd[25192]: generic_checks: name=permit_mynetworks Jan 23 15:09:23 mx1 postfix/smtpd[25192]: permit_mynetworks: 129.168.201-77.rev.gaoland.net 77.201.168.129 Jan 23 15:09:23 mx1 postfix/smtpd[25192]: match_hostname: 129.168.201-77.rev.gaoland.net ~? 127.0.0.0/8 Jan 23 15:09:23 mx1 postfix/smtpd[25192]: match_hostaddr: 77.201.168.129 ~? 127.0.0.0/8 Jan 23 15:09:23 mx1 postfix/smtpd[25192]: match_hostname: 129.168.201-77.rev.gaoland.net ~? [::ffff:127.0.0.0]/104 Jan 23 15:09:23 mx1 postfix/smtpd[25192]: match_hostaddr: 77.201.168.129 ~? [::ffff:127.0.0.0]/104 Jan 23 15:09:23 mx1 postfix/smtpd[25192]: match_hostname: 129.168.201-77.rev.gaoland.net ~? [::1]/128 Jan 23 15:09:23 mx1 postfix/smtpd[25192]: match_hostaddr: 77.201.168.129 ~? [::1]/128 Jan 23 15:09:23 mx1 postfix/smtpd[25192]: match_hostname: 129.168.201-77.rev.gaoland.net ~? 91.121.48.19 Jan 23 15:09:23 mx1 postfix/smtpd[25192]: match_hostaddr: 77.201.168.129 ~? 91.121.48.19 Jan 23 15:09:23 mx1 postfix/smtpd[25192]: match_list_match: 129.168.201-77.rev.gaoland.net: no match Jan 23 15:09:23 mx1 postfix/smtpd[25192]: match_list_match: 77.201.168.129: no match Jan 23 15:09:23 mx1 postfix/smtpd[25192]: generic_checks: name=permit_mynetworks status=0 Jan 23 15:09:23 mx1 postfix/smtpd[25192]: >>> END Sender address RESTRICTIONS <<< Jan 23 15:09:23 mx1 postfix/smtpd[25192]: >>> START Recipient address RESTRICTIONS <<< Jan 23 15:09:23 mx1 postfix/smtpd[25192]: generic_checks: name=permit_sasl_authenticated Jan 23 15:09:23 mx1 postfix/smtpd[25192]: generic_checks: name=permit_sasl_authenticated status=0 Jan 23 15:09:23 mx1 postfix/smtpd[25192]: generic_checks: name=permit_mynetworks Jan 23 15:09:23 mx1 postfix/smtpd[25192]: permit_mynetworks: 129.168.201-77.rev.gaoland.net 77.201.168.129 Jan 23 15:09:23 mx1 postfix/smtpd[25192]: match_hostname: 129.168.201-77.rev.gaoland.net ~? 127.0.0.0/8 Jan 23 15:09:23 mx1 postfix/smtpd[25192]: match_hostaddr: 77.201.168.129 ~? 127.0.0.0/8 Jan 23 15:09:23 mx1 postfix/smtpd[25192]: match_hostname: 129.168.201-77.rev.gaoland.net ~? [::ffff:127.0.0.0]/104 Jan 23 15:09:23 mx1 postfix/smtpd[25192]: match_hostaddr: 77.201.168.129 ~? [::ffff:127.0.0.0]/104 Jan 23 15:09:23 mx1 postfix/smtpd[25192]: match_hostname: 129.168.201-77.rev.gaoland.net ~? [::1]/128 Jan 23 15:09:23 mx1 postfix/smtpd[25192]: match_hostaddr: 77.201.168.129 ~? [::1]/128 Jan 23 15:09:23 mx1 postfix/smtpd[25192]: match_hostname: 129.168.201-77.rev.gaoland.net ~? 91.121.48.19 Jan 23 15:09:23 mx1 postfix/smtpd[25192]: match_hostaddr: 77.201.168.129 ~? 91.121.48.19 Jan 23 15:09:23 mx1 postfix/smtpd[25192]: match_list_match: 129.168.201-77.rev.gaoland.net: no match Jan 23 15:09:23 mx1 postfix/smtpd[25192]: match_list_match: 77.201.168.129: no match Jan 23 15:09:23 mx1 postfix/smtpd[25192]: generic_checks: name=permit_mynetworks status=0 Jan 23 15:09:23 mx1 postfix/smtpd[25192]: generic_checks: name=reject Jan 23 15:09:23 mx1 postfix/smtpd[25192]: NOQUEUE: reject: RCPT from 129.168.201-77.rev.gaoland.net[77.201.168.129]: 554 5.7.1 <da...@xxx.eu>: Recipient address rejected: Access denied; from=<dtouz...@xxx.org> to=<da...@xxx.eu> proto=ESMTP helo=<[192.168.1.20]> Jan 23 15:09:23 mx1 postfix/smtpd[25192]: generic_checks: name=reject status=2 Output of saslfinger, you can see there is no -- mechanisms on localhost -- saslfinger - postfix Cyrus sasl configuration samedi 23 janvier 2010, 15:04:40 (UTC+0100) version: 1.0.4 mode: server-side SMTP AUTH -- basics -- Postfix: 2.5.5 System: Debian GNU/Linux 5.0 \n \l -- smtpd is linked to -- libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0xb7d7c000) -- active SMTP AUTH and TLS parameters for smtpd -- broken_sasl_auth_clients = yes smtpd_sasl_auth_enable = yes smtpd_sasl_authenticated_header = yes smtpd_sasl_local_domain = $myhostname smtpd_sasl_path = smtpd smtpd_sasl_security_options = noanonymous smtpd_tls_CAfile = /etc/ssl/certs/postfix/ca.csr smtpd_tls_ask_ccert = no smtpd_tls_auth_only = yes smtpd_tls_cert_file = /etc/ssl/certs/postfix/ca.crt smtpd_tls_key_file = /etc/ssl/certs/postfix/ca.key smtpd_tls_received_header = yes smtpd_tls_req_ccert = no smtpd_tls_security_level = none smtpd_tls_session_cache_database = btree:$data_directory/smtpd_tls_cache smtpd_use_tls = yes -- content of /usr/lib/sasl2/smtpd.conf -- pwcheck_method: saslauthd mech_list: plain login log_level: 5 -- content of /etc/postfix/sasl/smtpd.conf -- pwcheck_method: saslauthd mech_list: plain login log_level: 5 -- content of /etc/postfix/sasl/smtpd.conf -- pwcheck_method: saslauthd mech_list: plain login log_level: 5 -- active services in /etc/postfix/master.cf -- # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (yes) (never) (100) smtp inet n - n - - smtpd -v pickup fifo n - n 60 1 pickup cleanup unix n - n - 0 cleanup qmgr fifo n - n 300 1 qmgr tlsmgr unix - - n 1000? 1 tlsmgr rewrite unix - - n - - trivial-rewrite bounce unix - - n - 0 bounce defer unix - - n - 0 bounce trace unix - - n - 0 bounce verify unix - - n - 1 verify flush unix n - n 1000? 0 flush proxymap unix - - n - - proxymap proxywrite unix - - n - 1 proxymap smtp unix - - n - - smtp relay unix - - n - - smtp -o fallback_relay= showq unix n - n - - showq error unix - - n - - error discard unix - - n - - discard local unix - n n - - local virtual unix - n n - - virtual lmtp unix - - n - - lmtp anvil unix - - n - 1 anvil scache unix - - n - 1 scache scan unix - - n - 10 smtp maildrop unix - n n - - pipe retry unix - - n - - error uucp unix - n n - - pipe flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) ifmail unix - n n - - pipe flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) bsmtp unix - n n - - pipe flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient scalemail-backend unix - n n - 2 pipe flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension} mailman unix - n n - - pipe flags=FR user=mail:mail argv=/etc/mailman/postfix-to-mailman.py ${nexthop} ${mailbox} artica-whitelist unix - n n - - pipe flags=F user=mail argv=/usr/share/artica-postfix/bin/artica-whitelist -a ${nexthop} -s ${sender} --white artica-blacklist unix - n n - - pipe flags=F user=mail argv=/usr/share/artica-postfix/bin/artica-whitelist -a ${nexthop} -s ${sender} --black artica-reportwbl unix - n n - - pipe flags=F user=mail argv=/usr/share/artica-postfix/bin/artica-whitelist -a ${nexthop} -s ${sender} --report artica-reportquar unix - n n - - pipe flags=F user=mail argv=/usr/share/artica-postfix/bin/artica-whitelist -a ${nexthop} -s ${sender} --quarantines artica-filter unix - n n - 20 pipe flags=FOh user=www-data argv=/usr/share/artica-postfix/exec.artica-filter.php -f ${sender} -- -s ${sender} -r ${recipient} -c ${client_address} -- mechanisms on localhost -- -- end of saslfinger output --