Hi, I am having trouble sending mail to a specific smtp host, which is configured for sasl authentication on port 25.
I have configured Postfix to send smtp mail from a small number of local domains to the recipient domain's mail exchanger, and to send mail from non local domains such as gmx.de and gmail.com via the appropriate relays using sender_dependent lists. All worked fine until today. The peer that causes trouble is using sasl authentication on port 25, to allow authenticated users sending mail via smtp instead of submission. However, if I try to send mail from an address within one of my local domains to this peer, it fails: May 5 21:46:08 prokyon postfix/smtp[8971]: 983C83CA2: to=<supp...@anonymized.eu>, relay=mail.anonymized.de[217.111.111.111]:25, delay=368, delays=363/1.9/3.1/0, dsn=4.7.8, status=deferred (SASL authentication failed; server mail.anonymized.de[217.111.111.111] said: 535 5.7.8 Error: authentication failed: authentication failure) This is what I get when probing the peer: root@prokyon:/etc/postfix# telnet mail.anonymized.de 25 Trying 217.111.111.111... Connected to mail.anonymized.de. Escape character is '^]'. 220 mail.ktit.de ESMTP Postfix EHLO mydomain.de 250-mail.anonymized.de 250-PIPELINING 250-SIZE 250-ETRN 250-STARTTLS 250-AUTH LOGIN DIGEST-MD5 CRAM-MD5 PLAIN 250-AUTH=LOGIN DIGEST-MD5 CRAM-MD5 PLAIN 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN quit 221 2.0.0 Bye Connection closed by foreign host. So, my own Postfix tries to authenticate to this server, but of course fails as it does not have any credentials. I see that this seems to be caused by the smtp_sasl_auth_enable = yes flag set in main.cf, which I need because without this, Postfix will never try to authenticate to the sender_dependent relays, e.g. for gmail.com. I don't know what to do about this, is there a way to tell Postfix to only authenticate to those relays defined in sender_dependent, or only when connecting to the submission port? Or can this be a misconfiguration at the peer's side? Thank you for help, Robert
signature.asc
Description: This is a digitally signed message part
