Interesting. You gave me hope but they are shattered again. Waaa! I noticed I did not have square brackets and that my permissions were 660 instead of 600. So I changed the sasl_passwd file contents to be
[smtp.comcast.net]:587 username:password double checked to make sure correct, ran postmap hash:sasl_passwd, fixed permissions, did a postfix reload, postfix flush, then tried date | mail -s test wealthyc...@gmail.com And it’s still evil in the logs, but I no longer get a bounce email from comcast as I did before. So it’s “better” perhaps? I don’t know. Sigh, still hoping! Aug 16 13:14:29 RichCookHomeMac postfix/pickup[48035]: 5D63529CAF95: uid=0 from=<root> Aug 16 13:14:29 RichCookHomeMac postfix/cleanup[48045]: 5D63529CAF95: message-id=<20140816201429.5d63529ca...@richcook.net> Aug 16 13:14:29 RichCookHomeMac postfix/qmgr[48036]: 5D63529CAF95: from=<r...@richcook.net>, size=332, nrcpt=1 (queue active) Aug 16 13:14:29 RichCookHomeMac postfix/smtp[48038]: connect to smtp.comcast.net[2001:558:fe2d:70::30]:587: No route to host Aug 16 13:14:29 RichCookHomeMac postfix/smtp[48038]: warning: SASL authentication failure: No worthy mechs found Aug 16 13:14:29 RichCookHomeMac postfix/smtp[48038]: 5D63529CAF95: to=<wealthyc...@gmail.com>, relay=smtp.comcast.net[76.96.40.155]:587, delay=0.42, delays=0/0/0.41/0, dsn=4.7.0, status=deferred (SASL authentication failed; cannot authenticate to server smtp.comcast.net[76.96.40.155]: no mechanism available) Current main.cf: mydomain_fallback = localhost biff = no #mynetworks = 127.0.0.0/8, [::1]/128 #smtpd_client_restrictions = permit_mynetworks permit_sasl_authenticated permit recipient_delimiter = + smtpd_tls_ciphers = medium inet_protocols = all inet_interfaces = loopback-only #====================================================================== relayhost=[smtp.comcast.net]:587 smtp_sasl_auth_enable=yes smtp_sasl_password_maps=hash:/etc/postfix/sasl_passwd smtp_use_tls = yes smtpd_sasl_auth_enable=yes smtpd_use_pw_server=yes enable_server_options=yes smtpd_pw_server_security_options=plain, login # smtp_tls_loglevel=3 smtpd_sasl_security_options=noanonymous broken_sasl_auth_clients=yes smtpd_sasl_local_domain=$mydomain smtp_sasl_mechanism_filter = # OLD # Rich Cook mods: message_size_limit = 0 mydomain = richcook.net myhostname = richcook.net mynetworks=192.168.0.0/16,rcmac.llnl.gov,localhost,mom.richcook.net smtpd_client_restrictions = permit_mynetworks permit_sasl_authenticated reject On Aug 16, 2014, at 10:34 AM, Viktor Dukhovni <postfix-us...@dukhovni.org> wrote: > On Sat, Aug 16, 2014 at 09:24:58AM -0700, Rich Cook wrote: > >> ------------------------------------------------------------------------------------------ >> Aug 16 09:20:11 RichCookHomeMac postfix/smtp[40033]: >> Untrusted TLS connection established >> to smtp.comcast.net[76.96.40.155]:587: >> TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits) >> >> Aug 16 09:20:12 RichCookHomeMac postfix/smtp[40033]: 6524929C83DF: >> to=<wealthyc...@gmail.com>, relay=smtp.comcast.net[76.96.40.155]:587, >> delay=0.64, delays=0.02/0.03/0.52/0.07, dsn=5.1.0, status=bounced >> (host smtp.comcast.net[76.96.40.155] said: >> 550 5.1.0 Authentication required (in reply to MAIL FROM command)) >> >> Aug 16 09:20:12 RichCookHomeMac postfix/bounce[40035]: 6524929C83DF: >> sender non-delivery notification: 152B329C83E1 >> ------------------------------------------------------------------------------------------ > > Your reported configuration is: > > relayhost = [smtp.comcast.net]:587 > smtp_sasl_auth_enable = yes > smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd > smtp_use_tls = yes > > Most likely the content of /etc/postfix/sasl_passwd is not > right, and/or you've not run "postmap /etc/postfix/sasl_passwd" > to update the corresponding ".db" indexed file. The requisite > content is: > > [smtp.comcast.net]:587 <username>:<password> > > where <username> and <password> are replaced with the appropriate > strings. The file should belong to "root" and have access mode > "0600". > >> Plus a bounce email from comcast, which is no surprise of course given the >> above. >> >>> This is the mail system at host richcook.net. > > Actually, the bounce message was not "from comcast", it was "about comcast", > it was actually sent by your own server, reporting the failure to relay > via comcast. > > -- > Viktor. >> >> >> >> Rich Cook wealthyc...@gmail.com ---------------------------------------------- If you don't laugh enough, you might have humorrhoids, which is an enlargement of the onus, and the only thing you can pass then is heavy judgment. -- Swami Beyondananda
