On Mon, Feb 10, 2014 at 09:54:42AM -0800, fleon wrote:
> Hello, i am using Debian 7.3 with postfix, and am trying to send email
> through our Exchange 2007 server. I have read tons of posts but i have been
> unable to get it to work
>
> I am using the postfix package that comes with Debian, and also installed
> libsasl2-modules
Does this include an NTLM plugin?
> On mail.cf i tried the following:
>
> relayhost= exchangeserver.ourdomain.com
Perhaps you mean:
relayhost = [exchangeserver.ourdomain.com]
which is better when MX record lookups are not intended.
> smtp_sasl_password_maps=hash:/etc/postfix/sasl/sasl_passwd
>
> I get 5.3.5 5.7.3 Authentication unsuccessful, so i also tried using telnet
> to port 25
Which mechanism does Postfix attempt to use? (add the destination to
debug_peer_list and examine the verbose logs).
> I am using command AUTH NTLM, which returns 334,
Is that what Postfix uses? 334 just means continue, which means that
NTLM authentication requires a multi round-trip handshake.
> but so far i have tried unsuccessfully to enter the login as follows:
The data should probably be base64 encoded, ... interactive debugging
is unlikely to be useful.
> on /etc/postfix/sasl/sasl_passwd i have:
> exchangeserver.ourdomain.com myu...@ourdomain.com:password
If you put "[]" around the relayhost setting, do likewise around
the password table lookup key.
This may not be the right username format. Perhaps you need:
DOMAIN\myuser. However, if your server supports GSSAPI, you might
have more luck with that. You just need a working credential cache
in KRB5CCNAME. An hourly cron job can run "kinit" to refresh the
ccache, while KRB5CCNAME can be added to the Postfix SMTP client
by setting "import_environment" to include all the default values
plus "KRB5CCNAME=FILE:/some/path".
--
Viktor.
