-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 1/30/2014 8:51 AM, Dennis Putnam wrote: > On 1/30/2014 9:34 AM, Noel Jones wrote: >> >>> I changed the level to 2. I am not seeing what you suggest >>> but there is one additional line initializing TLS engine. >>> Here is the output: >> >> >> ... useless debug output deleted >> >> >>> To repeat my previous question, is there no way to force a >>> login regardless of the EHLO responses? >> >> >> No, there is no way to force a login if the server doesn't >> offer AUTH. Even if you did force it, it's highly unlikely >> the server would accept it, and it wouldn't be safe since >> you're not encrypting your connection -- no encryption is the >> root of the problem. >> >> Your TLS is screwed up. Show "postconf -n" output. >> >> >> >> -- Noel Jones >> > Thanks for your patience but why wouldn't the working server > also be failing if TLS was indeed screwed up? > > Here is the postconf -n output: >
> alias_database = hash:/etc/postfix/aliases alias_maps = > hash:/etc/postfix/aliases, hash:/var/lib/mailman/data/aliases > command_directory = /usr/sbin config_directory = /etc/postfix > daemon_directory = /usr/libexec/postfix data_directory = > /var/lib/postfix debug_peer_level = 2 debug_peer_list = > smtp.att.yahoo.com Turn off debug logging. It's not needed to solve this problem and just pollutes the logs. > html_directory = no inet_interfaces = all inet_protocols = all > mail_owner = postfix mailq_path = /usr/bin/mailq.postfix > manpage_directory = /usr/share/man message_size_limit = > 51200000 mydestination = $myhostname, localhost.$mydomain, > localhost mynetworks_style = host newaliases_path = > /usr/bin/newaliases.postfix queue_directory = > /var/spool/postfix readme_directory = > /usr/share/doc/postfix-2.6.6/README_FILES relayhost = > [smtp.att.yahoo.com]:587 Ok. > sample_directory = /etc/postfix sender_dependent_relayhost_maps > = hash:/etc/postfix/sender_relay manpage_directory = > /usr/share/man message_size_limit = 51200000 mydestination = > $myhostname, localhost.$mydomain, localhost mynetworks_style = > host newaliases_path = /usr/bin/newaliases.postfix > queue_directory = /var/spool/postfix readme_directory = > /usr/share/doc/postfix-2.6.6/README_FILES relayhost = > [smtp.att.yahoo.com]:587 Eh? why are some entries listed twice? Cut & Paste error or trash in main.cf? > sample_directory = /etc/postfix sender_dependent_relayhost_maps > = hash:/etc/postfix/sender_relay sendmail_path = > /usr/sbin/sendmail.postfix setgid_group = postdrop > smtp_generic_maps = hash:/etc/postfix/generic smtp_helo_name = > home.bellsouth.net smtp_sasl_auth_enable = yes > smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd > smtp_sasl_security_options = > smtp_sender_dependent_authentication = yes smtp_tls_loglevel = > 2 smtp_tls_policy_maps = hash:/etc/postfix/tls_policy So you're using the default smtp_tls_security_level = none. > smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) > (CentOS Linux) syslog_name = postfix > unknown_local_recipient_reject_code = 550 > > In case it is needed here is the content of tls_policy: > > in.mailjet.com may smtp.att.yahoo.com:587 encrypt and this entry doesn't exactly match your relayhost setting. First, set main.cf smtp_tls_security_level = may and then fix your tls_policy entries. -- Noel Jones > > > MailJet is the server that is working (Note: until this thread > the entry for yahoo was the same). > -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBAgAGBQJS6mocAAoJEJGRUHb5Oh6gSvkH/jPK7nV5MHbNt+UOhMdY7lpJ fHJkojoh/dBjud85tKnRYM1rw65EQCnsFwlskyQU08BCGegUFflH4KMGdEUMVuy9 rxIzz+Hu7zFJKztYouQqCWBu+VCxkk5MDBwNYT2UdKJ07Q9ZGgmgHPEb07IT/GMK V9MCA40GWT4dMmlht30X6EY0a0SYrlh7CtoKCj02WRkK6ydcLPJidrjIEhOoRHD7 gkDhJe23qWJqjGqbje13Cy/NATOAQVAp6CtYqPFwsr37iIDLvMekipfNAFWnXctT m/19igGnPKjgnSE+2I6A4cBPDYJssptw80ce4iywRBGK7l22CCVeLnm4plJTy9M= =158Y -----END PGP SIGNATURE-----
