Hi,
Apologies for long mail, wanted to give all the info i have.
Followed this URL to configure SASL -
http://www.postfix.org/SASL_README.html. Followed the dovecot portion, did
not setup cyrus, as i was bit confused.
postconf-n is at this location -
https://www.dropbox.com/s/4ktakqpwe89y50m/postconf-n.txt?dl=0
Here is what i am seeing.
1 ----When i telnet with above config in postconf-n, i get the below result
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
Looks good as it shows 2 AUTH. I checked auth plain when in telnet and
authentication was successful
Now when i try to use my opera client and configure to use 465 port and
also with secure connection (TLS) checked, nothing happens, it does not
tell me auth failed in the client or in the logs as shown below. Is it an
issue with the client maybe? As soon as i change it to port 25 then the
mails go out fine from opera client, even though i had commented out
mynetworks.
Jun 11 11:23:42 ml dovecot: imap(j...@w8timez.com): Disconnected:
Disconnected in IDLE bytes=886/3033
Jun 11 11:23:42 ml dovecot: imap(j...@w8timez.com): Disconnected:
Disconnected in IDLE bytes=134/1270
Jun 11 11:23:44 ml postfix/smtpd[23152]: connect from
c-24-6-42-3.hsd1.ca.comcast.net[24.6.42.3]
Jun 11 11:23:44 ml dovecot: auth: mysql: Connected to 127.0.0.1
(servermail)
Jun 11 11:23:44 ml dovecot: imap-login: Login: user=<j...@w8timez.com>,
method=LOGIN, rip=24.6.42.3, lip=172.31.5.140, mpid=23163, TLS
Jun 11 11:23:45 ml dovecot: imap-login: Login: user=<j...@w8timez.com>,
method=LOGIN, rip=24.6.42.3, lip=172.31.5.140, mpid=23164, TLS
2 -----Now if i enable this config "smtpd_tls_auth_only=yes", then the
AUTH values disappear in telnet as given below
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
With this auth plain does not work and also opera client is the same as
first scenario, no change, So i dont know if it means the AUTH is not
working.
Now i am stuck, dont know what i am missing :(.
Regards
Jithesh
On Thu, 11 Jun 2015 07:35:13 -0700, Christian Kivalo
<ml+postfix-us...@valo.at> wrote:
On 2015-06-11 16:15, Jithesh AP wrote:
Hi
Hi,
Thank you for your mail.
I reduced the log level and here is the error that shows up as soon as
i try to send a mail from my desktop opera client (the mailserver
runs on my amazon instance). Desktop is at home and using the comcast
connection
----------------------------
Jun 11 06:18:27 ml postfix/postfix-script[20760]: starting the Postfix
mail system
Jun 11 06:18:27 ml postfix/master[20761]: daemon started -- version
2.6.6, configuration /etc/postfix
Jun 11 06:18:41 ml postfix/smtpd[20765]: connect from
c-24-6-42-3.hsd1.ca.comcast.net[24.6.42.3]
Jun 11 06:18:41 ml postfix/smtpd[20765]: setting up TLS connection
from c-24-6-42-3.hsd1.ca.comcast.net[24.6.42.3]
Jun 11 06:18:42 ml postfix/smtpd[20765]: Anonymous TLS connection
established from c-24-6-42-3.hsd1.ca.comcast.net[24.6.42.3]: TLSv1
with cipher DHE-RSA-AES256-SHA (256/256 bits)
Jun 11 06:18:44 ml postfix/smtpd[20765]: warning:
c-24-6-42-3.hsd1.ca.comcast.net[24.6.42.3]: SASL LOGIN authentication
failed: authentication failure
Jun 11 06:18:44 ml postfix/smtpd[20765]: disconnect from
c-24-6-42-3.hsd1.ca.comcast.net[24.6.42.3]
-----------------------------
I dont believe it is a password issue, because i login for reading the
mails and i am using the same username/password, and i dont have any
special setup for smtp, i assume i have to use the same
username/password for sending mails as well.
You can use the same user/pw that you use to login to dovecot. You need
some configuration in postfix (and probably dovecot) that tells postfix
where to ask if that user/pw is allowed to login.
Here are the links to postconf -n (-Mf does not work, probably because
i am on 2.6.6) links on dropbox.
https://www.dropbox.com/s/4ktakqpwe89y50m/postconf-n.txt?dl=0
You don't seem to have any SASL configuration in your config. See
http://www.postfix.org/SASL_README.html for how to configure SASL .
saslfinger -c and -s outputs -
https://www.dropbox.com/s/n211yegaojo5wge/saslfinger-c.txt?dl=0
https://www.dropbox.com/s/j53chd5m0rdduqw/saslfinger-s.txt?dl=0
the saslfinger -c output shows the password_maps parameter not present
in main.cf, i am using virtual users thru mysql not sure what this
parameter needs to map to.
Hope this gives sufficient info to help me out.
Regards
Jithesh
Regards
c
On Wed, 10 Jun 2015 23:09:02 -0700, Christian Kivalo
<ml+postfix-us...@valo.at> wrote:
On 2015-06-11 07:51, Jithesh AP wrote:
Hi,
Hi,
I am a newbie and setting up my postfix+mysql+dovecot.
I got things working for receiving/sending mails, via port 993 and 25
(used a client opera mail). After that i tried to enable smtps via
465, but it is not working, the log is giving this error (receiving
via 993 still works fine). Can someone help pls
Jun 10 22:47:06 ml postfix/smtpd[19945]: SSL_accept:SSLv3 flush data
Jun 10 22:47:06 ml postfix/smtpd[19945]: read from 7FB98ABE1E70
< -- snip -->
with cipher DHE-RSA-AES256-SHA (256/256 bits)
Jun 10 22:47:08 ml postfix/smtpd[19945]: warning:
c-24-6-42-3.hsd1.ca.comcast.net[24.6.42.3]: SASL LOGIN authentication
failed: authentication failure
Reduce your tls log level, thats not helping. The error is shown
here, you have an authentication failure, so probably your user /
password is wrong or your authentication is not setup properly but
that can not be seen as you only show excerpts of your postfix
configuration.
Main.cf config for ssl
smtpd_tls_cert_file=/etc/httpd/ssl/ssl.crt
smtpd_tls_key_file=/etc/httpd/ssl/private.key
smtpd_use_tls=yes
smtpd_tls_loglevel = 3
set smtpd_tls_loglevel = 1 to reduce the verbosity of your tls logs.
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
smtp_sasl_mechanism_filter = login
Master.cf config for ssl
smtp inet n - n - - smtpd -o
content_filter=spamassassin
submission inet n - n - - smtpd
-o syslog_name=postfix/submission
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
smtps inet n - n - - smtpd
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
# -o smtpd_client_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
Any help will be really great.
Please read http://www.postfix.org/DEBUG_README.html#mail and share
the output of postconf -n and postconf -Mf with the mailinglist.
Regards
Jithesh
- Christian
--
Using Opera's mail client: http://www.opera.com/mail/
