On Jul 30, 2010, at 11:50 AM, Magnus Bäck wrote: > On Friday, July 30, 2010 at 17:33 CEST, > donovan jeffrey j <dono...@beth.k12.pa.us> wrote: > >> I have an older relay system accept ssl on port 25, it seems to be >> working, but when i test it, STARTTLS shows up but then the session >> stalls like it's waiting for me to do something. -probably i do. >> >> smtp2:/etc/postfix root# telnet 127.0.0.1 25 >> Trying 127.0.0.1... >> Connected to localhost. >> Escape character is '^]'. >> 220 smtp2.beth.k12.pa.us ESMTP Postfix >> EHLO beth.k12.pa.us >> 250-smtp2.beth.k12.pa.us >> 250-PIPELINING >> 250-SIZE 26214400 >> 250-VRFY >> 250-ETRN >> 250-STARTTLS >> 250 8BITMIME > > As indicated by the lacking hyphen between 250 and 8BITMIME on the final > line, that's the final line of the server's response. It's then the > client's turn to send the next command. There is no AUTH line in the > EHLO response so for some reason Postfix doesn't accept authentication. > >> what comes next ? i would expect AUTH types. Do I have to initiate an >> auth sequence ? >> >> postconf >> >> smtpd_enforce_tls = yes >> smtpd_pw_server_security_options = login,cram-md5,plain,gssapi >> smtpd_recipient_restrictions = >> permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination,permit >> smtpd_sasl_auth_enable = yes >> smtpd_tls_cert_file = /etc/certificates/Default.crt >> smtpd_tls_key_file = /etc/certificates/Default.key >> smtpd_use_pw_server = yes >> smtpd_use_tls = yes >
alias_maps = hash:/etc/aliases,ldap:/etc/postfix/ldaplocal always_bcc = basdarch...@beth.k12.pa.us bounce_queue_lifetime = 5m command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix debug_peer_level = 2 enable_server_options = yes html_directory = no inet_interfaces = all local_recipient_maps = ldap:/etc/postfix/ldaplocal $alias_maps luser_relay = lukeskywalker mail_owner = postfix mailbox_size_limit = 0 mailbox_transport = cyrus mailq_path = /usr/bin/mailq manpage_directory = /usr/share/man message_size_limit = 26214400 mydestination = $myhostname,localhost.$mydomain,localhost,smtp,smtp2 mydomain = beth.k12.pa.us mydomain_fallback = beth.k12.pa.us myhostname = smtp2.beth.k12.pa.us mynetworks = 127.0.0.1/32,etc.. mynetworks_style = host newaliases_path = /usr/bin/newaliases owner_request_special = no queue_directory = /private/var/spool/postfix readme_directory = /usr/share/doc/postfix recipient_delimiter = + sample_directory = /usr/share/doc/postfix/examples sendmail_path = /usr/sbin/sendmail setgid_group = postdrop smtpd_enforce_tls = yes smtpd_pw_server_security_options = login,cram-md5,plain,gssapi smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination,permit smtpd_sasl_auth_enable = yes smtpd_tls_cert_file = /etc/certificates/Default.crt smtpd_tls_key_file = /etc/certificates/Default.key smtpd_use_pw_server = yes smtpd_use_tls = yes soft_bounce = no transport_maps = ldap:/etc/postfix/ldaptransport unknown_local_recipient_reject_code = 550 > Please post at least full "postconf -n" output, or even better > saslfinger output (Google it). -- basics -- Postfix: 2.1.5 System: Welcome to Darwin! -- smtpd is linked to -- ./saslfinger: line 1: ldd: command not found ./saslfinger: line 1: ldd: command not found -- active SMTP AUTH and TLS parameters for smtpd -- smtpd_sasl_auth_enable = yes smtpd_tls_cert_file = /etc/certificates/Default.crt smtpd_tls_key_file = /etc/certificates/Default.key smtpd_use_tls = yes -- listing of /usr/lib/sasl2 -- total 2416 drwxr-xr-x 40 root wheel 1360 Nov 20 2008 . drwxr-xr-x 282 root wheel 9588 Dec 8 2009 .. -rw-r--r-- 1 root wheel 631 Mar 20 2005 apop.la -r-xr-xr-x 1 root wheel 17496 Mar 20 2005 apop.so -rwxr-xr-x 1 root wheel 629 Mar 20 2005 dhx.la -r-xr-xr-x 1 root wheel 598600 Jan 30 2006 dhx.so -rw-r--r-- 1 root wheel 653 Mar 20 2005 digestmd5WebDAV.la -r-xr-xr-x 1 root wheel 43132 Mar 20 2005 digestmd5WebDAV.so drwxr-xr-x 9 root wheel 306 Nov 20 2008 disabled -r-xr-xr-x 1 root wheel 17660 Mar 20 2005 libanonymous.2.so -rw-r--r-- 1 root wheel 694 Mar 20 2005 libanonymous.la -r-xr-xr-x 1 root wheel 17740 Mar 20 2005 libcrammd5.2.so -rw-r--r-- 1 root wheel 682 Mar 20 2005 libcrammd5.la -r-xr-xr-x 1 root wheel 47228 Jan 19 2007 libdigestmd5.2.so -rw-r--r-- 1 root wheel 703 Mar 20 2005 libdigestmd5.la -r-xr-xr-x 1 root wheel 22688 Jan 19 2007 libgssapiv2.2.0.18.so -r-xr-xr-x 1 root wheel 22688 Jan 19 2007 libgssapiv2.2.so -rw-r--r-- 1 root wheel 739 Mar 20 2005 libgssapiv2.la -r-xr-xr-x 1 root wheel 22504 Mar 20 2005 libkerberos4.2.so -rw-r--r-- 1 root wheel 628 Mar 20 2005 liblogin.la -rw-r--r-- 1 root wheel 637 Mar 20 2005 libntlm.la -r-xr-xr-x 1 root wheel 30816 Mar 20 2005 libntlm.so -r-xr-xr-x 1 root wheel 67668 Mar 20 2005 libotp.2.so -rw-r--r-- 1 root wheel 667 Mar 20 2005 libotp.la -r-xr-xr-x 1 root wheel 17604 Mar 20 2005 libplain.2.so -rw-r--r-- 1 root wheel 670 Mar 20 2005 libplain.la -r-xr-xr-x 1 root wheel 17612 Mar 20 2005 login.so -rwxr-xr-x 1 root wheel 639 Mar 20 2005 mschapv2.la -r-xr-xr-x 1 root wheel 22792 Mar 20 2005 mschapv2.so drwxr-xr-x 6 root wheel 204 Nov 9 2007 openldap -rwxr-xr-x 1 root wheel 641 Mar 25 2005 pwauxprop.la -r-xr-xr-x 1 root wheel 53192 Dec 3 2006 pwauxprop.so -r-xr-xr-x 1 root wheel 18580 Mar 20 2005 shadow_auxprop.so -rwxr-xr-x 1 root wheel 635 Mar 20 2005 smb_lm.la -r-xr-xr-x 1 root wheel 22316 Mar 20 2005 smb_lm.so -rwxr-xr-x 1 root wheel 635 Mar 20 2005 smb_nt.la -r-xr-xr-x 1 root wheel 22316 Mar 20 2005 smb_nt.so -rwxr-xr-x 1 root wheel 568 Mar 20 2005 smb_ntlmv2.la -r-xr-xr-x 1 root wheel 22616 Mar 20 2005 smb_ntlmv2.so -r-xr-xr-x 1 root wheel 21960 Mar 20 2005 twowayrandom.so There is no smtpd.conf that defines what SASL should do for Postfix. SMTP AUTH can't work! smtp2:/usr/local/saslfinger-1.0.3 root# ./saslfinger -c saslfinger - postfix Cyrus sasl configuration Fri Jul 30 13:46:42 EDT 2010 version: 1.0.2 mode: client-side SMTP AUTH -- basics -- Postfix: 2.1.5 System: Welcome to Darwin! -- smtp is linked to -- ./saslfinger: line 1: ldd: command not found ./saslfinger: line 1: ldd: command not found -- active SMTP AUTH and TLS parameters for smtp -- No active SMTP AUTH and TLS parameters for smtp in main.cf! SMTP AUTH can't work! smtp2:/usr/local/saslfinger-1.0.3 root# -- basics -- Postfix: 2.1.5 System: Welcome to Darwin! -- smtpd is linked to -- ./saslfinger: line 1: ldd: command not found ./saslfinger: line 1: ldd: command not found -- active SMTP AUTH and TLS parameters for smtpd -- smtpd_sasl_auth_enable = yes smtpd_tls_cert_file = /etc/certificates/Default.crt smtpd_tls_key_file = /etc/certificates/Default.key smtpd_use_tls = yes -- listing of /usr/lib/sasl2 -- total 2416 drwxr-xr-x 40 root wheel 1360 Nov 20 2008 . drwxr-xr-x 282 root wheel 9588 Dec 8 2009 .. -rw-r--r-- 1 root wheel 631 Mar 20 2005 apop.la -r-xr-xr-x 1 root wheel 17496 Mar 20 2005 apop.so -rwxr-xr-x 1 root wheel 629 Mar 20 2005 dhx.la -r-xr-xr-x 1 root wheel 598600 Jan 30 2006 dhx.so -rw-r--r-- 1 root wheel 653 Mar 20 2005 digestmd5WebDAV.la -r-xr-xr-x 1 root wheel 43132 Mar 20 2005 digestmd5WebDAV.so drwxr-xr-x 9 root wheel 306 Nov 20 2008 disabled -r-xr-xr-x 1 root wheel 17660 Mar 20 2005 libanonymous.2.so -rw-r--r-- 1 root wheel 694 Mar 20 2005 libanonymous.la -r-xr-xr-x 1 root wheel 17740 Mar 20 2005 libcrammd5.2.so -rw-r--r-- 1 root wheel 682 Mar 20 2005 libcrammd5.la -r-xr-xr-x 1 root wheel 47228 Jan 19 2007 libdigestmd5.2.so -rw-r--r-- 1 root wheel 703 Mar 20 2005 libdigestmd5.la -r-xr-xr-x 1 root wheel 22688 Jan 19 2007 libgssapiv2.2.0.18.so -r-xr-xr-x 1 root wheel 22688 Jan 19 2007 libgssapiv2.2.so -rw-r--r-- 1 root wheel 739 Mar 20 2005 libgssapiv2.la -r-xr-xr-x 1 root wheel 22504 Mar 20 2005 libkerberos4.2.so -rw-r--r-- 1 root wheel 628 Mar 20 2005 liblogin.la -rw-r--r-- 1 root wheel 637 Mar 20 2005 libntlm.la -r-xr-xr-x 1 root wheel 30816 Mar 20 2005 libntlm.so -r-xr-xr-x 1 root wheel 67668 Mar 20 2005 libotp.2.so -rw-r--r-- 1 root wheel 667 Mar 20 2005 libotp.la -r-xr-xr-x 1 root wheel 17604 Mar 20 2005 libplain.2.so -rw-r--r-- 1 root wheel 670 Mar 20 2005 libplain.la -r-xr-xr-x 1 root wheel 17612 Mar 20 2005 login.so -rwxr-xr-x 1 root wheel 639 Mar 20 2005 mschapv2.la -r-xr-xr-x 1 root wheel 22792 Mar 20 2005 mschapv2.so drwxr-xr-x 6 root wheel 204 Nov 9 2007 openldap -rwxr-xr-x 1 root wheel 641 Mar 25 2005 pwauxprop.la -r-xr-xr-x 1 root wheel 53192 Dec 3 2006 pwauxprop.so -r-xr-xr-x 1 root wheel 18580 Mar 20 2005 shadow_auxprop.so -rwxr-xr-x 1 root wheel 635 Mar 20 2005 smb_lm.la -r-xr-xr-x 1 root wheel 22316 Mar 20 2005 smb_lm.so -rwxr-xr-x 1 root wheel 635 Mar 20 2005 smb_nt.la -r-xr-xr-x 1 root wheel 22316 Mar 20 2005 smb_nt.so -rwxr-xr-x 1 root wheel 568 Mar 20 2005 smb_ntlmv2.la -r-xr-xr-x 1 root wheel 22616 Mar 20 2005 smb_ntlmv2.so -r-xr-xr-x 1 root wheel 21960 Mar 20 2005 twowayrandom.so There is no smtpd.conf that defines what SASL should do for Postfix. SMTP AUTH can't work! smtp2:/usr/local/saslfinger-1.0.3 root# ./saslfinger -c saslfinger - postfix Cyrus sasl configuration Fri Jul 30 13:46:42 EDT 2010 version: 1.0.2 mode: client-side SMTP AUTH -- basics -- Postfix: 2.1.5 System: Welcome to Darwin! -- smtp is linked to -- ./saslfinger: line 1: ldd: command not found ./saslfinger: line 1: ldd: command not found -- active SMTP AUTH and TLS parameters for smtp -- No active SMTP AUTH and TLS parameters for smtp in main.cf! SMTP AUTH can't work! smtp2:/usr/local/saslfinger-1.0.3 root# > > This thread was started by responding to an old message in another > thread. Don't do that. Start new threads by posting a new message > to the postfix-users address. woops > > -- > Magnus Bäck > mag...@dsek.lth.se >
