Found a far superior solution. The problem that the powers that be thought it would fix, it wouldn't fix anyway. I finally convinced them of that and so that's the end of that.
Nevertheless, thanks to all who replied. -- Rob On 2/12/10 9:30 AM, "Noel Jones" <njo...@megan.vbhcs.org> wrote: > On 2/12/2010 11:21 AM, Michael Saldivar wrote: >> On Wed, Feb 10, 2010 at 5:54 PM, Rob Tanner <rtan...@linfield.edu >> <mailto:rtan...@linfield.edu>> wrote: >> >>>> TLS is enabled on port 25 of our server and it has a regular Thawte >>>> certificate behind it. Tests with Thunderbird using PLAIN >>>> authentication (SASL method) work perfectly. From our point of >> view, >>>> all we really want to protect in any SMTP transaction are the user >>>> credentials (uid/passwd) and what we are doing is currently >>>> sufficient. Google, on the other hand is doing something >> different or >>>> expecting something different and I have no idea what. If you are >>>> successfully using a similar setup with Gmail, could you please pass >>>> on your wisdom. >>> Watch your postfix logs and start debugging when gmail tries to >>> authenticate against your server.... >> >> The problem is the log files are rather large (a quarter million >> lines since >> the 4 am roll this morning, and there are lots of google entries. >> In other >> words I've already spent time just trying to find the entries. Any idea >> about particular keywords that I might look for? >> . >>>> >>>> Thanks, >>>> Rob >> >> >> >> An easy way to watch is to tail -f the logfile, tell Gmail to send a >> message, and then watch the log scroll past. You will see the >> authorization attempt and your server's response. >> >> Also, in your Gmail account, check the submission port. There's a drop >> down list from which you can choose 25, 465, and 587; it defaults to 587. > > And another great trick for finding stuff in your logs is to > tag submission entries with a different syslog_name. > > # master.cf > submission ... smtpd > -o syslog_name=postfix-submission > ... > > http://www.postfix.org/postconf.5.html#syslog_name > > > -- Noel Jones
