22.3.2014 23:46, li...@rhsoft.net kirjoitti: > > > Am 22.03.2014 22:08, schrieb Anonymous12: >> 22.3.2014 23:06, li...@rhsoft.net kirjoitti: >>> uhm you posted that line in your "postconf -n" output >>> >>> smtp_tls_policy_maps = hash:/etc/postfix/tls_policy >>> >>> besides a complete log what is the content of that file? >>> >>> is there anything related to the destination which may restrict >>> the used auth-mechs and so no matching one is left? >> >> Output of /etc/postfix/tls_policy: >> >> [mail.riseup.net]:587 encrypt protocols=TLSv1 ciphers=high >> >> Complete log: >> >> Mar 22 22:06:02 vps44713 postfix/master[2311]: reload -- version 2.9.6, >> configuration /etc/postfix >> Mar 22 22:06:16 vps44713 postfix/smtpd[10210]: connect from >> localhost[127.0.0.1] >> Mar 22 22:06:49 vps44713 postfix/smtpd[10210]: 7BFFB3E030B: >> client=localhost[127.0.0.1] >> Mar 22 22:06:57 vps44713 postfix/cleanup[10224]: 7BFFB3E030B: >> message-id=<20140322210649.7bffb3e0...@example.com> >> Mar 22 22:06:57 vps44713 postfix/qmgr[10204]: 7BFFB3E030B: >> from=<anonymou...@riseup.net>, size=338, nrcpt=1 (queue active) >> Mar 22 22:06:58 vps44713 postfix/smtp[10225]: warning: SASL >> authentication failure: No worthy mechs found >> Mar 22 22:06:58 vps44713 postfix/smtp[10225]: 7BFFB3E030B: SASL >> authentication failed; cannot authenticate to server >> mail.riseup.net[198.252.153.55]: no mechanism available >> Mar 22 22:06:58 vps44713 postfix/smtpd[10210]: disconnect from >> localhost[127.0.0.1] >> Mar 22 22:07:00 vps44713 postfix/smtp[10225]: warning: SASL >> authentication failure: No worthy mechs found >> Mar 22 22:07:00 vps44713 postfix/smtp[10225]: 7BFFB3E030B: >> to=<anonymou...@riseup.net>, relay=mail.riseup.net[198.252.153.56]:587, >> delay=17, delays=14/0.05/2.5/0, dsn=4.7.0, status=deferred (SASL >> authentication failed; cannot authenticate to server >> mail.riseup.net[198.252.153.56]: no mechanism available) > > i do not see any indication that the connection is encrypted > if that is the case, well, than no auth is offered > > main.cf: > smtp_tls_loglevel = 1 > > (don't forget the postfix reload after that) > > after that you should see lines similar to the one below > if teh connection is encrypted, honsetly i would *remove* > "smtp_tls_policy_maps" from the configuraton, it is not > needed for opportunistic TLS and should only be used to > solve *specific* problems > > Mar 22 03:42:05 testserver postfix/smtp[7211]: Untrusted TLS connection > established to > 192.168.196.1[192.168.196.1]:25: TLSv1.2 with cipher > ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits) > Mar 22 23:44:16 vps44713 postfix/master[2311]: reload -- version 2.9.6, configuration /etc/postfix Mar 22 23:44:38 vps44713 postfix/smtpd[13338]: connect from localhost[127.0.0.1] Mar 22 23:45:04 vps44713 postfix/smtpd[13338]: 15EC73E0314: client=localhost[127.0.0.1] Mar 22 23:45:16 vps44713 postfix/cleanup[13378]: 15EC73E0314: message-id=<20140322224504.15ec73e0...@example.com> Mar 22 23:45:16 vps44713 postfix/qmgr[13313]: 15EC73E0314: from=<anonymou...@riseup.net>, size=445, nrcpt=1 (queue active) Mar 22 23:45:18 vps44713 postfix/smtpd[13338]: disconnect from localhost[127.0.0.1] Mar 22 23:45:18 vps44713 postfix/smtp[13379]: Untrusted TLS connection established to mail.riseup.net[198.252.153.56]:587: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits) Mar 22 23:45:18 vps44713 postfix/smtp[13379]: warning: SASL authentication failure: No worthy mechs found Mar 22 23:45:18 vps44713 postfix/smtp[13379]: 15EC73E0314: SASL authentication failed; cannot authenticate to server mail.riseup.net[198.252.153.56]: no mechanism available Mar 22 23:45:19 vps44713 postfix/smtp[13379]: Untrusted TLS connection established to mail.riseup.net[198.252.153.55]:587: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits) Mar 22 23:45:19 vps44713 postfix/smtp[13379]: warning: SASL authentication failure: No worthy mechs found Mar 22 23:45:19 vps44713 postfix/smtp[13379]: 15EC73E0314: to=<anonymou...@riseup.net>, relay=mail.riseup.net[198.252.153.55]:587, delay=23, delays=20/0.07/3.1/0, dsn=4.7.0, status=deferred (SASL authentication failed; cannot authenticate to server mail.riseup.net[198.252.153.55]: no mechanism available)
P.S I'm not the one who's in charge of the mail.riseup.net server.
