> On 2022-01-13 at 20:26:53 UTC-0500 (Thu, 13 Jan 2022 20:26:53 -0500) > Joe Acquisto-j4 <j...@j4computers.com> > is rumored to have said: > > [...] >> Would it be valid to presume that an SMTP server that can be connected >> to, >> securely, via Outlook, Thunderbird and the other common clients, can >> be >> connected to via the postfix SASL stuff? > > No. There are authentication mechanisms supported by interactive clients > that are not supported by Cyrus. The most important ones are OAUTHBEARER > and XOAUTH2, which require an out-of-band (web) interaction following > the OAuth2 protocol, typically to support 2FA methods that require a > live human interaction. > >> Or is SASL/Cyrus an equine of >> a different hue? > > SASL is a broad framework used by many application protocols (SMTP, > IMAP, etc.) for authentication and each implementation is unique, but > hopefully they are interoperable when needed. As long as the relay isn't > requiring an authentication mechanism that is designed to exclude bots > (such as the those mentioned above) it should be possible to get Postfix > (using Cyrus) to authenticate to it. > > > -- > Bill Cole > b...@scconsult.com or billc...@apache.org > (AKA @grumpybozo and many *@billmail.scconsult.com addresses) > Not Currently Available For Hire
I guess this is going a bit astray, for some viewers anyway, but after repeated authentication failures, resorted to (or availed myself of) SWAKS and still get authentication failures. I did set swaks to echo the credentials in plaintext, to the screen and know they are correct. I am unsure why they are "broken up" with "->" and <-" and wonder if that should provide a clue? Below is what is echoed to the screen. ~ # swaks === Trying mail.somehost.com:587... === Connected to mail.somehost.com. <- 220 mail.somehost.com ESMTP Postfix -> EHLO auxilary <- 250-forwardx.somehost.com <- 250-PIPELINING <- 250-SIZE 56789012 <- 250-VRFY <- 250-ETRN <- 250-STARTTLS <- 250-AUTH PLAIN LOGIN <- 250-AUTH=PLAIN LOGIN <- 250-ENHANCEDSTATUSCODES <- 250-8BITMIME <- 250 DSN -> AUTH LOGIN <- 334 bla- -> blah-user <- 334 bla -> blah-password <** 535 5.7.8 Error: authentication failed: UGFzc3dvcmQ6 *** No authentication type succeeded -> QUIT <- 221 2.0.0 Bye === Connection closed with remote host. joe a.
