-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 7/22/2014 2:11 AM, nobody73 wrote: > On 22/07/2014 02:23, Noel Jones wrote: >> On 7/21/2014 5:32 PM, nobody73 wrote: >>> Sorry for the debug logs but i think the reason why of my >>> "UNKNOWN" issue is beacause connecting from abroad the >>> hosted smtpd server there is no match in $mynetworks >>> statement as you can see > >> No, the "after UNKNOWN from" means postfix received something >> other than an SMTP command. > > > > I agree ,BUT ... > >>> and normal logs say: > >>>> lost connection after UNKNOWN from >>>> mylaptop.client[1.2.3.4] > >> Postfix is reporting an unknown command here. The usual >> cause is the client trying to use the deprecated smtps/SSL >> connection, although I suppose the client can send garbage >> for other reasons. > > > > I'm using thunderbird client and STARTTLS
The logs suggest there's an encryption mismatch between the client and postfix. Make sure you're looking at the "outgoing server SMTP" settings in thunderbird, not the IMAP settings. > >>> The lost connection after UNKNOWN happens even from an >>> authenticated connection by the way and saslauthd works: > >>>> testsaslauthd -u user -p p4ssw0rd 0: OK "Success." > > from a local test saslauthd works but connecting from abroad it > doesn't,that's why i think it is a $mynetworks statement > think. > > warning: myclient.laptop[11.22.33.44]: SASL PLAIN > authentication failed: authentication failure warning: > myclient.laptop[11.22.33.44]: SASL LOGIN authentication failed: > authentication failure The authentication failed. This has nothing to do with mynetworks. Perhaps your authentication test failed because of a misconfiguration in the postfix sasl parameters, or perhaps your test method is flawed. Either way, that's something else that needs to be fixed and tested. This also has nothing to do with the "lost connection after UNKNOWN" log entry, which is caused by sending garbage on the connection. > >> You might try testing with telnet rather than your >> misconfigured client. > > These are logs by telnet-ssl from my laptop machine: > > NOQUEUE: reject: RCPT from myclient.laptop[11.22.33.44]: 454 > 4.7.1 <mailto@adress>: Relay access denied; from=<root> > to=<mailto@adress> proto=ESMTP helo=<my.server.hostname> I think telnet-ssl will fall back to plaintext if the SSL wrappermode handshake fails. Better to test with either regular telnet or openssl s_client so you know for sure what protocol is being used. Relay access is not allowed because authentication failed. This has nothing to do with mynetworks. -- Noel Jones -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBAgAGBQJTznnhAAoJEJGRUHb5Oh6gFjgIAKvSos2mGA8/NF75gp9uR1Ey bDjdZam4uCotaseyKzNPEhLMl9hPIpNrJ4Vs94VtBOti1YLv2JlAXT5lydRcE7/q T+WYyOi3hEy+hAS93qzPw3Jbsdv191KbWABzO0xLt+RDQ2GrQD3Q4U3mHKC3E32u 5nO/V0pi4MIXm0Cgl+NS/p7oBsDsAZ7JaDYCnk2OLu8syVz2pZDhfWfcvueimjd+ dC4xJTciAbZKJW24CW56nG1uBWds14RBUmoxBV7j4y79tqbLWFiVliycoax0hGAn 8ned5V1d/Vd9qEwk9BdCCMRS4eCmmehjgLt0Z04xR9cpW6JFElqQdNr82riF4gA= =nKgP -----END PGP SIGNATURE-----
