[pfx] Re: Authentication question

Am 22.02.24 um 18:29 schrieb Matus UHLAR - fantomas via Postfix-users: Am 22.02.24 um 15:58 schrieb Wietse Venema via Postfix-users: michaelof--- via Postfix-users: 2024-02-22T13:56:15.715392+01:00 vserver postfix/submission/smtpd[150038]: connect from 2024-02-22T13:56:15.715607+01:00 vserver

[pfx] Re: Authentication question

michaelof--- via Postfix-users: > 2024-02-22T17:49:57.074140+01:00 vserver postfix/smtps/smtpd[165894]: connect > from > 2024-02-22T17:49:57.177663+01:00 vserver postfix/smtps/smtpd[165894]: > warning: : SASL LOGIN authentication failed: > Invalid authentication mechanism Your smtpd_sasl_secu

[pfx] Re: Authentication question

Am 22.02.24 um 15:58 schrieb Wietse Venema via Postfix-users: michaelof--- via Postfix-users: 2024-02-22T13:56:15.715392+01:00 vserver postfix/submission/smtpd[150038]: connect from 2024-02-22T13:56:15.715607+01:00 vserver postfix/submission/smtpd[150038]: improper command pipelining after CO

[pfx] Re: Authentication question

michaelof--- via Postfix-users wrote: > > Thank you so much for answering, Wietse! > > Followed your recommendations, master.cf for submission and smtps now looks > as follows: > > > Opened smtps service in firewalld. > > Changed email user config for testing in Thunderbird from port 578 t

[pfx] Re: Authentication question

Am 22.02.24 um 15:58 schrieb Wietse Venema via Postfix-users: michaelof--- via Postfix-users: 2024-02-22T13:56:15.715392+01:00 vserver postfix/submission/smtpd[150038]: connect from 2024-02-22T13:56:15.715607+01:00 vserver postfix/submission/smtpd[150038]: improper command pipelining after CO

[pfx] Re: Authentication question

michaelof--- via Postfix-users: > 2024-02-22T13:56:15.715392+01:00 vserver postfix/submission/smtpd[150038]: > connect from > 2024-02-22T13:56:15.715607+01:00 vserver postfix/submission/smtpd[150038]: > improper command pipelining after CONNECT from sender-dns-name[IPv4]>: \026\003\001\001 > \

[pfx] Re: Authentication question

On 22.02.24 15:28, michaelof--- via Postfix-users wrote: Postfix 3.7.3 on OpenSuse Leap 15.5 I've set up my private Postfix for outgoing SMTP traffic with authentication, port 587, starttls, password normal. Works fine for years now (2016 or so) for outgoing email sent via Thunderbird, Roundc

Re: "Authentication-Results" header order

On 7/4/21 4:10 PM, Juri Haberland wrote: On 03/07/2021 13:29, Markus E. wrote: By the way, I like the way Google merges the headers into one, like: an additional option is: https://github.com/fastmail/authentication_milter very config'able, a typical header appears as: Authenticati

Re: "Authentication-Results" header order

On 03/07/2021 13:29, Markus E. wrote: > By the way, I like the way Google merges the headers into one, like: > > Authentication-Results: mx.google.com; > dkim=pass header.i=@example.net header.s=example header.b=lXmpAXoJ; > spf=pass (google.com: domain of u...@example.net designates X.X

Re: "Authentication-Results" header order

On Mon, 28 Jun 2021, Kevin N. wrote: Super. Thank you for all the info :) Cheers, Kevin By the way, I like the way Google merges the headers into one, like: Authentication-Results: mx.google.com; dkim=pass header.i=@example.net header.s=example header.b=lXmpAXoJ; spf=pass (google.c

Re: "Authentication-Results" header order

Super. Thank you for all the info :) Cheers, Kevin On 28/06/2021 00:04, David Bürgin wrote: Kevin N.: Milters decide themselves where they want to insert headers, by index. Depending on the order in which milters run, insertion done by one milter can shift the insertion point of the next mi

Re: "Authentication-Results" header order

Kevin N.: > > Milters decide themselves where they want to insert headers, by index. > > Depending on the order in which milters run, insertion done by one > > milter can shift the insertion point of the next milter. > > > > The sendmail milter API that milters use to insert headers has a bit of >

Re: "Authentication-Results" header order

Hi David, Thank you for the detailed explanation. Milters decide themselves where they want to insert headers, by index. Depending on the order in which milters run, insertion done by one milter can shift the insertion point of the next milter. The sendmail milter API that milters use to inse

Re: "Authentication-Results" header order

Thank you for the clarification, Cheers, Kevin On 27/06/2021 02:36, Wietse Venema wrote: Kevin N.: 3. From what I've read, the milters are called in the order they are specified. But does that mean that for each SMTP event Postfix will call the milters in the specified order? Yes. Each ev

Re: "Authentication-Results" header order

Hi Kevin, > I am using two milters to check incoming mail for DKIM signatures and SPF > records. They are specified in main.cf using the "smtpd_milters" parameter. > > Now, > when I place the DKIM milter before the SPF milter, like so: > > > smtpd_milters = inet:dkim-milter-host:port, inet:spf-

Re: "Authentication-Results" header order

Kevin N.: > 3. From what I've read, the milters are called in the order they are > specified. > > But does that mean that for each SMTP event Postfix will call the > milters in the specified order? Yes. Each event is given to the first milter, then the second milter, and so on. Not: all events

Re: authentication required error codes

Matus UHLAR - fantomas: Can I provide "530 5.7.0 Authentication Required." error in smtpd_client_restrictions/smtpd_helo_restrictions somehow? I can think of using: mua_client_restrictions = permit_sasl_authenticated, check_client_access static:{"530 5.7.0 Authentication Required."} On 01.0

Re: authentication required error codes

Matus UHLAR - fantomas: > Can I provide "530 5.7.0 Authentication Required." error in > smtpd_client_restrictions/smtpd_helo_restrictions somehow? > > > I can think of using: > > mua_client_restrictions = permit_sasl_authenticated, check_client_access > static:{"530 5.7.0 Authentication Require

Re: authentication required error codes

On 31.05.21 16:48, Matus UHLAR - fantomas wrote: looking at postfix logs I found out that with standard restrictions inherited from main.cf at ports 465/587, the client gets error message like: May 30 12:05:04 mail postfix/submission/smtpd[22649]: NOQUEUE: reject: RCPT from unknown[192.0.2.1]:

Re: authentication required error codes

Matus UHLAR - fantomas: > Hello, > > looking at postfix logs I found out that with standard restrictions > inherited from main.cf at ports 465/587, the client gets error message like: > > May 30 12:05:04 mail postfix/submission/smtpd[22649]: NOQUEUE: reject: RCPT > from unknown[192.0.2.1]: 504 5

Re: authentication required error codes

Dnia 31.05.2021 o godz. 16:48:41 Matus UHLAR - fantomas pisze: > > standard master.cf contains proposed overrides for submission/submissions > services: > > # -o smtpd_client_restrictions=$mua_client_restrictions > # -o smtpd_helo_restrictions=$mua_helo_restrictions > # -o smtpd_sender_restric

Re: Authentication attempts for x...@com.au addresses

Hello Andrey, You've piqued my interest now :-) I have used fail2ban for many things, dovecot, postfix-auth, ssh (moot, after I changed the port), roundcube, etc. What are other tools you would recommend? I have seen the postfix anvil daemon at work in the background. I have gotten used to us

Re: Authentication attempts for x...@com.au addresses

Greetings, Esteban L! > You will need to install fail2ban to ip block failed attempts. > As you have correctly assumed, a malicious person is trying to hack into you > mail server. > Fail2ban is a required application now and days. That's hardly true. I haven't found a use for fail2ban in las

Re: Authentication attempts for x...@com.au addresses

On 03.04.19 14:14, James Brown wrote: Thanks all for your replies. Increasing both Ban time and Find time are good and I’ll do that. Looking through the logs I can see some repeated IPs for IMAP failures, but over long times (eg maybe once or twice a day max). We have Stunnel receive the traff

Re: Authentication attempts for x...@com.au addresses

On 2 Apr 2019, at 23:14, James Brown wrote: We have Stunnel receive the traffic on port 465 and 587 and forward on to 127.0.0.1 on port 25. That seems odd. Why? The whole point of having submission channels distinct from port 25 SMTP is to allow you to put different restrictions on inbound a

Re: Authentication attempts for x...@com.au addresses

On 2 Apr 2019, at 8:10, James Brown wrote: Thanks Esteban. I have fail2ban installed. Unfortunately each attempt comes from a different IP (botnet I presume). I’m finding this all the time now, so fail2ban seems to be no longer much use. Was just hoping there was a Postfix or Dovecot setting

Re: Authentication attempts for x...@com.au addresses

> On 3 Apr 2019, at 9:45 am, Curtis Maurand > wrote: > > > > On 4/2/19 5:39 PM, @lbutlr wrote: >> On 2 Apr 2019, at 14:30, Esteban L > > wrote: >>> The times are in seconds, so you'll need to calculate those times. >> a month is 26297

Re: Authentication attempts for x...@com.au addresses

On 4/2/19 5:39 PM, @lbutlr wrote: On 2 Apr 2019, at 14:30, Esteban L wrote: The times are in seconds, so you'll need to calculate those times. a month is 2629743 seconds. An hour, of course is 3600, but I prefer 86400 which is one day. BTW, pi seconds is very close to 1 nano century. I

Re: Authentication attempts for x...@com.au addresses

On 2 Apr 2019, at 14:30, Esteban L wrote: > The times are in seconds, so you'll need to calculate those times. a month is 2629743 seconds. An hour, of course is 3600, but I prefer 86400 which is one day. BTW, pi seconds is very close to 1 nano century. -- <[TN]FBMachine> I got kicked out of

Re: Authentication attempts for x...@com.au addresses

I agree with Ron Wheeler. The default settings for Dovecot and Postfix are solid. The default settings for Fail2ban, on the other hand, are inadequate. Not because its a bad program, but rather that 1.) the default settings are a little lenient, and 2.) hackers know those default settings. You

Re: Authentication attempts for x...@com.au addresses

On Tue, 2 Apr 2019 at 09:45, Esteban L wrote: > You will need to install fail2ban to ip block failed attempts. > > As you have correctly assumed, a malicious person is trying to hack into > you mail server. > > Fail2ban is a required application now and days. > > On April 2, 2019 8:57:06 AM GMT+0

Re: Authentication attempts for x...@com.au addresses

This will only help if you're getting multiple attempts from one subnet, but I've been able to use fail2ban to block IP ranges instead of single IPs. You just have to be careful or you may block more IPs than you want. I recommend setting fail2ban to NOT start up on boot while testing in case y

Re: Authentication attempts for x...@com.au addresses

There does not seem to be a completely foolproof and easy to manage solution. In my case, I modified the fail2ban time in jail to block the IP for days rather than hours and did a close look at the expressions defining the bad attempts to be sure that I got all (I hope) of the cases that were

Re: Authentication attempts for x...@com.au addresses

You will need to install fail2ban to ip block failed attempts. As you have correctly assumed, a malicious person is trying to hack into you mail server. Fail2ban is a required application now and days. On April 2, 2019 8:57:06 AM GMT+02:00, James Brown wrote: >Not sure if this is a Dovecot or

Re: Authentication query

It could be possible, but I'd be scared of breaking ClearOS's integration. I would do better to update to ClearOS 7.x which uses a version of 2.10 and/or remove the use of SMTPS which is no longer required by my ISP. But thanks for the idea anyway. Nick On 1

Re: Authentication query

> On 16 Jan 2016, at 16:47, Nick Howitt wrote: > > Only since 2.10 or 2.11. It was added because of a discussion with me on > these lists. My distro (RHEL6 related) is stuck on 2.6.6. At some point, when > it is more stable I'll update to my distro's RHEL7 derivative. I can't help > the ISP

Re: Authentication query

On 16/01/2016 16:39, Benny Pedersen wrote: Nick Howitt skrev den 2016-01-16 17:03:  Because I have a dynamic (quasi-static) IP so I relay via my ISP who insisted on SMTPS. SMTPS has only been introduced i

Re: Authentication query

Nick Howitt skrev den 2016-01-16 17:03: Because I have a dynamic (quasi-static) IP so I relay via my ISP who insisted on SMTPS. SMTPS has only been introduced into postfix recently and is not available for my distro. Having said that I may remove stunnel/SMTPS as the ISP backed down and now all

Re: Authentication query

Nick Howitt: >

Re: Authentication query

On 16/01/2016 15:24, Wietse Venema wrote: Nick Howitt: Is it possibly to stop anyone outside my LAN who tries to authenticate on port 25? For example: Remove 'smtpd_sasl_auth_enable = yes' from main.cf. Will do.

Re: Authentication query

On 16/01/2016 15:15, Benny Pedersen wrote: Nick Howitt skrev den 2016-01-16 15:48: reject_rhsbl_sender, dsn.rfc-ignorant.org rfc domain is gone to dev/null see rfc

Re: Authentication query

Nick Howitt: > Is it possibly to stop anyone outside my LAN who tries to authenticate > on port 25? For example: Remove 'smtpd_sasl_auth_enable = yes' from main.cf. Add '-o smtpd_sasl_auth_enable=yes' to the submission service in master.cf. Wietse

Re: Authentication query

Nick Howitt skrev den 2016-01-16 15:48: reject_rhsbl_sender, dsn.rfc-ignorant.org rfc domain is gone to dev/null see rfc-ignorant.de I send mail to the outside world using smtps via stunnel. why complicate things ? Is it possibly to stop anyone outside my LAN who tries to authenticate o

Re: Authentication at MS Exchange as a smarthost fails

Am 16.12.2014 um 13:05 schrieb Jens Kubieziel: I'm trying to set up Postfix to use two smarthosts. All mail sent from domains example.(com|org) should be sent over smtp.gmail.com (default smarthost) and mails from Domain.A should be sent over mailgw.Domain.A (MUA is MS Exchange). I set everythin

Re: Authentication issues

On Friday, August 23, 2013 15:38:38 David Hulsebus wrote: > I apologize in advance for the long post. I started working for a small ISP > with around 3000 mailboxes and inherited a Postfix server that I've been > auditing. It's based on Ubuntu 8.04 LTS, Postfix 2.51, and runs Courier for > pop and

Re: Authentication issues

On Aug 23, 2013, at 21:38, David Hulsebus wrote: > I apologize in advance for the long post. I started working for a small ISP > with around 3000 mailboxes and inherited a Postfix server that I've been > auditing. It's based on Ubuntu 8.04 LTS, Postfix 2.51, and runs Courier for > pop and imap a

Re: Authentication issues

David Hulsebus: > But without the ability to use CRAM-MD5, DIGEST-MD5, NTLM, how can > I use TLS to make the connection and authorize the clients? TLS (formerly known as SSL) encrypts the SMTP session. This uses the STARTTLS command. SASL authenticates the user. This uses the AUTH command. With

RE: authentication

On Sat, 22 Jan 2011 12:43:14 +0300, "Ejaz" wrote: > Dear Patrick, > > Many many Thanks Patrick, yes I have backend servers of CommuniGate Pro > where all the mailboxes exists, but I don't know how to tell postfix to > use these server, is there any built-in configuration files for such > scenar

RE: authentication

owner-postfix-us...@postfix.org [mailto:owner-postfix-us...@postfix.org] On Behalf Of Patrick Ben Koetter Sent: Saturday, January 22, 2011 11:16 AM To: postfix-users@postfix.org Subject: Re: authentication * Ejaz : > Thanks a lot for your help, would you please tell me in order to achieve as

Re: authentication

ostfix-users@postfix.org > Subject: Re: authentication > > > > * Ejaz : > > > We are and ISP our mail environment is follows > > > > > > Front End Mail server =: (postfix/mailscanner/clamav/spamasssin) where > there > > > are no actual mailb

RE: authentication

-postfix-us...@postfix.org [mailto:owner-postfix-us...@postfix.org] On Behalf Of Patrick Ben Koetter Sent: Wednesday, January 19, 2011 9:44 AM To: postfix-users@postfix.org Subject: Re: authentication * Ejaz : > We are and ISP our mail environment is follows > > Front End Mail server =:

Re: authentication

* Ejaz : > We are and ISP our mail environment is follows > > Front End Mail server =: (postfix/mailscanner/clamav/spamasssin) where there > are no actual mailboxes, just role of this server is to filter the incoming > and outgoing email. After that all the incoming emails will sent to the its >

Re: Authentication problem with Thunderbird

On Mon, Apr 26, 2010 at 10:14:59AM -0700, mohamad rahimi wrote: > I am not sure this is what you want. This is exactly it. Much better, thanks. > Trying 130.83.159.162... > Connected to mx.theo.chemie.tu-darmstadt.de. > Escape character is '^]'. > 220 mx.theo.chemie.tu-darmstadt.de ESMTP Postfi

Re: Authentication problem with Thunderbird

From: Victor Duchovni To: postfix-users@postfix.org Sent: Mon, April 26, 2010 4:25:47 PM Subject: Re: Authentication problem with Thunderbird On Mon, Apr 26, 2010 at 02:57:59AM -0700, mohamad rahimi wrote: > I tested authentication with telnet and open

Re: Authentication problem with Thunderbird

On Mon, Apr 26, 2010 at 02:57:59AM -0700, mohamad rahimi wrote: > I tested authentication with telnet and openssl and I received this error " > 535 5.7.0 Error: authentication failed: authentication failure" > what should I do? You should tell the whole joke, not just the punch-line (last line

Re: Authentication problem with Thunderbird

On 4/26/2010 4:57 AM, mohamad rahimi wrote: *From:* Noel Jones >Instructions for testing your server, which includes >displaying mechanisms offered, can be found here: http://www.postfix.org/SASL_README.html#server_test >Note: if you configured your server to offer different >mechanism

Re: Authentication problem with Thunderbird

From: Noel Jones To: postfix-users@postfix.org Sent: Sun, April 25, 2010 10:45:35 PM Subject: Re: Authentication problem with Thunderbird On 4/25/2010 2:05 PM, mohamad rahimi wrote

Re: Authentication problem with Thunderbird

On 4/25/2010 2:05 PM, mohamad rahimi wrote: *From:* Victor Duchovni *To:* postfix-users@postfix.org *Sent:* Sun, April 25, 2010 8:17:11 PM *Subject:* Re: Authentication problem with Thunderbird On Sun, Apr 25, 2010 at

Re: Authentication problem with Thunderbird

From: Victor Duchovni To: postfix-users@postfix.org Sent: Sun, April 25, 2010 8:17:11 PM Subject: Re: Authentication problem with Thunderbird On Sun, Apr 25, 2010 at 10:18:57AM -0700, mohamad rahimi wrote: > >> "Unable to authentication

Re: Authentication problem with Thunderbird

On Sun, Apr 25, 2010 at 10:18:57AM -0700, mohamad rahimi wrote: > >> "Unable to authentication to SMTP server mx.mydomain. The server does not > > >support any compatible secure authentication mechanism but you have chosen > > >secure authentication. Try switching off secure authentication." > >

Re: Authentication problem with Thunderbird

From: Victor Duchovni To: postfix-users@postfix.org Sent: Sun, April 25, 2010 6:46:55 PM Subject: Re: Authentication problem with Thunderbird >On Sun, Apr 25, 2010 at 09:35:37AM -0700, mohamad rahimi wrote: >> "Unable to authentication

RE: Authentication problem with Thunderbird

Hello, Try this : smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination permit_sasl_authenticated must precede everything to be able to authenticate from outside. You should define something in master.cf to allow different behavior d

Re: Authentication problem with Thunderbird

On Sun, Apr 25, 2010 at 09:35:37AM -0700, mohamad rahimi wrote: > "Unable to authentication to SMTP server mx.mydomain. The server does not > support any compatible secure authentication mechanism but you have chosen > secure authentication. Try switching off secure authentication." "Secure Auth

Re: Authentication in Postfix (for spam) SOLVED

On 2009-12-27 Josep M. wrote: > One question more: You said ".example.com" (with point) What is > the differenceincludes subdomains? man 5 access | domain.tld | Matches domain.tld. | | The pattern domain.tld also matches subdomains, but only when | the string smtpd_acces

Re: Authentication in Postfix (for spam) SOLVED

Hello. Thanks!...Your tip Works great! One question more: You said ".example.com" (with point) What is the differenceincludes subdomains? > > == sender_reject > example.com REJECT authentication required > .example.com REJECT authentication required > Thanks Josep El dom, 27-12

Re: Authentication in Postfix (for spam)

Josep M. a écrit : > Hello. > > In lasts days one spammer had fun with my email address sending me > hundresds of emails, most of them rejected by postfix anti-spam > measures, but not all. > > I will explain the spammer send from internet (without authentication): > > from: websurfer at navegan

Re: Authentication failure with auxprop and sasldb2 plugin

Hey, Patrick. Thanks for the pointer. You found my problem all right -- but I forgot I was working on a 64-bit system! Putting it in /usr/lib64/sasl2 did the trick. Thanks again! - Ann

Re: Authentication failure with auxprop and sasldb2 plugin

* Ann Onemouse <[EMAIL PROTECTED]>: > Hello, all. > > I am having a problem getting postfix to authenticate users with Cyrus- > SASL's 'auxprop' method and the 'sasldb2' internal user database. The > system is question is a freshly-installed CentOS 5.2 server with Cyrus- > SASL version 2.1.22.

RE: authentication failed

> > > postfix/smtpd[19545]: warning: unknown[xxx.yyy.www.zzz]: SASL LOGIN > > > authentication failed: authentication failure > > > > I do get those all the time. Users mistyping their passwords, > > usernames, client's getting AUTH all wrong and so on. > > OK. > > > > then > > > > > > postfix/sm

RE: authentication failed

> > postfix/smtpd[19545]: warning: unknown[xxx.yyy.www.zzz]: SASL LOGIN > > authentication failed: authentication failure > > I do get those all the time. Users mistyping their passwords, > usernames, client's getting AUTH all wrong and so on. OK. > > then > > > > postfix/smtpd[19545]: lost con

Re: authentication failed

On Thu, Oct 30, 2008 at 8:20 AM, Rocco Scappatura <[EMAIL PROTECTED]> wrote: ... > > postfix/smtpd[19545]: disconnect from unknown[xxx.yyy.www.zzz] > > But I think that - being "authentication failure" a warning, the smtp > dialog shoulnt be broken. > > Then I ask why the connection with the client

Re: authentication failed

* Rocco Scappatura <[EMAIL PROTECTED]> wrote: > After connection, in mail log, I get: > > postfix/smtpd[19545]: warning: unknown[xxx.yyy.www.zzz]: SASL LOGIN > authentication failed: authentication failure I do get those all the time. Users mistyping their passwords, usernames, client's getting A

RE: authentication failed

> I'm facing a problem with a client that can't send email trough my mail > gateway.. > > After connection, in mail log, I get: > > postfix/smtpd[19545]: warning: unknown[xxx.yyy.www.zzz]: SASL LOGIN > authentication failed: authentication failure > > then > > postfix/smtpd[19545]: lost connect

RE: authentication failed

> I'm facing a problem with a client that can't send email trough my mail > gateway.. > > After connection, in mail log, I get: > > postfix/smtpd[19545]: warning: unknown[xxx.yyy.www.zzz]: SASL LOGIN > authentication failed: authentication failure > > then > > postfix/smtpd[19545]: lost connect