On Wed, Apr 08, 2020 at 02:46:00PM +0200, Erwan David wrote:
> I got this problem sometime ago. It was due to a difference in the
> NTLM used by postfix (I think it comes from dovecot) and the one used
> by MS.
For the record, the change is in SASL, and Postfix uses Dovecot SASL
only when receiving mail. When sending, Postfis uses Cyrus SASL,
which perhaps the OP upgraded to include XOAUTH2 support.
The SASL mechanisms supported by [smtp.office365.com]:587 are:
posttls-finger: < 250-BL0PR02CA0022.outlook.office365.com Hello [...]
posttls-finger: < 250-SIZE 157286400
posttls-finger: < 250-PIPELINING
posttls-finger: < 250-DSN
posttls-finger: < 250-ENHANCEDSTATUSCODES
posttls-finger: < 250-AUTH LOGIN XOAUTH2
posttls-finger: < 250-8BITMIME
posttls-finger: < 250-BINARYMIME
posttls-finger: < 250-CHUNKING
posttls-finger: < 250 SMTPUTF8
posttls-finger: > QUIT
"LOGIN" and "XOAUTH2". Terminology corrections aide, disabling the
latter via:
> Adding
> smtp_sasl_mechanism_filter = plain, login
> made things work again
is most likely the correct solution, with "login" the one that'll be
used in the case of "[smtp.outlook.com]:587".
--
Viktor.
