Unable to set postfix as smarthost with plain authentication on port 25 (no tls/ssl): error 550 5.1.0 xxxxx authentication failed
- Am 14.02.2013 14:48, schrieb Luca Arzeni:
> I'm in need of using a smarthost to relay all of my mail.maybe he does not like PLAIN without encryption
> I'm unable to use an italia provider (aruba) as smarthos for my server.
> I obtain the (in)famous "550 5.1.0 XXXXX authentication failed"
why in the world would anybody do this?
install "cyrus-sasl-md5" or however the package is called
in your dsitribution and postfix will automatically use
the best available method
> I've tested username/password using thunderbird as client, it workswith unencrypted plain auth?
> I've tested the same configuration with another provider: it works.does not matter
> My guess is that the provider uses different server to answer to my requesthow should it do this?
> and so postfix is unable to find a matching password inYOU control the match not the target server
> file /etc/postfix/sasl/saslpasswd.
YOU control that host/port of the reylhost matchs EXACTLY
how it is defined in "saslpasswd" and my guess is that
you forgot to put the hostname inside  to disable
# CHANGES: postmap /etc/postfix/saslpasswd
> But I've tried by using smtp_cname_overrides_servername=yes or smtp_cname_overrides_servername=no and it failed indon't do mangling around everywhere
> the same way.
> I've also tried to declare all hostnames that I can see in the logs placing all of them in thewhy are you doing this?
> /etc/postfix/sasl/saslpasswd but even this way I cannot send my mail
- On 14 Feb 2013, at 8:48, Luca Arzeni wrote:
> Is there anyone that can help me?Maybe, maybe not. It is made less likely that anyone will be able to
help by the fact that you ignored the advice sent to all subscribers to
this list about how best to ask for help and get it.
That advice is here: http://www.postfix.com/DEBUG_README.html#mail
Specific to your request:
1. You should be expansive rather than selective when posting logs. In
this case you seem to have logged the whole SMTP chat, yet you only
posted 2 lines. Earlier lines in this case would be critical to any
2. Do not make any changes to log lines except to obscure truly
security-sensitive information like authentication tokens or private
email addresses. Hostnames and IP addresses are almost never worth
obscuring and can be critical to figuring out a problem. In this case,
you even asked about host identity and naming issues that we could help
you with if you had not falsified what little evidence you provided.
3. Including 'postconf -n' output is important because it shows all of
the non-default configuration that Postfix actually uses. Citing a few
settings without stating whether they came from main.cf or postconf
output leaves open a broad range for conjecture and if you don't know
how to correct your config, then your determination of what
configuration is "relevant" is likely to be wrong.
Some wild guesses on your difficulty:
A. Your provider isn't offering an AUTH mechanism that your SASL config
will use so there was no AUTH attempted, yet your provider requires it.
B. Some idiot between your server and your provider has put a Cisco PIX
or ASA in your path and turned on its 'smtp fixup' misfeature.
C. There are errant/mismatched quotes and/or whitespace in your main.cf
that results in a formally valid format that is not being parsed as you
intend it to be.
D. The main.cf file that you *think* Postfix is using is not the one it
*is* using, due to a misconfigured chroot.
My hunch is that there is about a 90% chance that your problem is caused
by something else, but all of those unlikely possibilities could be
eliminated (or confirmed) if you were to simply follow the instructions
for seeking help here.