Loading ...
Sorry, an error occurred while loading the content.

250-AUTH LOGIN PLAIN & 250-AUTH=LOGIN PLAIN

Expand Messages
  • Mohsen Pahlevanzadeh
    Dear all, when i use telnet 0 587, i get the following result: Trying 0.0.0.0... Connected to 0. Escape character is ^] . 220 mail.pahlevanzadeh.info ESMTP
    Message 1 of 3 , Jun 20, 2013
    • 0 Attachment
      Dear all,
      when i use
      telnet 0 587, i get the following result:
      Trying 0.0.0.0...
      Connected to 0.
      Escape character is '^]'.
      220 mail.pahlevanzadeh.info ESMTP Postfix
      AND WHEN I USE EHLO COMMAND, I GET THE FOLLOWING RESULT:
      ehlo localhost
      250-mail.pahlevanzadeh.info
      250-PIPELINING
      250-SIZE 10240000
      250-VRFY
      250-ETRN
      250-STARTTLS
      250-ENHANCEDSTATUSCODES
      250-8BITMIME
      250 DSN

      But i don't see two following lines in above:
      250-AUTH LOGIN PLAIN
      250-AUTH=LOGIN PLAIN


      I attached my main.cf and my master.cf,
      i have a newbie question: if i get good result, should i run dovecot?
      second question: how i can see the two lines in the smtp result?


      --mohsen
    • Dominik George
      Hi, ... have you upgraded Postfix to 2.10 recently? In this case, you might have missed the smtpd_relay_restrictions change ... Cheers, Nik [1]
      Message 2 of 3 , Jun 20, 2013
      • 0 Attachment
        Hi,

        > But i don't see two following lines in above:
        > 250-AUTH LOGIN PLAIN
        > 250-AUTH=LOGIN PLAIN

        have you upgraded Postfix to 2.10 recently?

        In this case, you might have missed the smtpd_relay_restrictions change
        pointed out in the release notes [1]:

        > Feature 20121007] This version introduces the smtpd_relay_restrictions
        > feature for mail relay control. The new built-in default settings
        > are:
        >
        > smtpd_relay_restrictions =
        > permit_mynetworks
        > reject_unauth_destination
        >
        > smtpd_recipient_restrictions =
        > ( optional spam blocking rules would go here )

        Cheers,
        Nik

        [1] http://de.postfix.org/ftpmirror/official/postfix-2.10.0.RELEASE_NOTES

        --
        <Natureshadow> Auf welchem Server liegt das denn jetzt…?
        <mirabilos> Wenn es nicht übers Netz kommt bei Hetzner, wenn es nicht
        gelesen wird bei STRATO, wenn es klappt bei manitu.

        PGP-Fingerprint: 3C9D 54A4 7575 C026 FB17 FD26 B79A 3C16 A0C4 F296
      • Jeroen Geilman
        ... That could mean one of three things: either you have not enabled SASL on port 587, or you have set smtpd_tls_auth_only = yes on port 587, which prevents
        Message 3 of 3 , Jun 20, 2013
        • 0 Attachment
          On 06/20/2013 11:19 AM, Mohsen Pahlevanzadeh wrote:
          Dear all,
          when i use 
          telnet 0 587, i get the following result:
          Trying 0.0.0.0...
          Connected to 0.
          Escape character is '^]'.
          220 mail.pahlevanzadeh.info ESMTP Postfix
          AND WHEN I USE EHLO COMMAND, I GET THE FOLLOWING RESULT:
          ehlo localhost
          250-mail.pahlevanzadeh.infousing
          250-PIPELINING
          250-SIZE 10240000
          250-VRFY
          250-ETRN
          250-STARTTLS
          250-ENHANCEDSTATUSCODES
          250-8BITMIME
          250 DSN
          
          But i don't see two following lines in above:
          250-AUTH LOGIN PLAIN
          250-AUTH=LOGIN PLAIN
          

          That could mean one of three things: either you have not enabled SASL on port 587, or you have set "smtpd_tls_auth_only = yes" on port 587, which prevents AUTH before TLS, or you have enforced TLS, which has the same effect.

          From main.cf:

          	smtpd_sasl_auth_enable = yes
          	smtpd_sasl_path = inet:localhost:1023
          	smtpd_sasl_security_options = noanonymous
          	smtpd_sasl_type = dovecot
          	smtpd_tls_auth_only = no
          
          From your master.cf entry for submission:
          	submission inet  n       -       -       -       -       smtpd 
          		-o smtpd_tls_security_level=encrypt 
          
          It's reason #3: you enforce TLS on submission.
          

          I attached my main.cf and my master.cf,
          i have a newbie question: if i get good result, should i run dovecot?

          Dovecot serves several functions, two or three of which can be integrated with postfix.
          If you're using dovecot as your SASL provider, you're already running it.

          second question: how i can see the two lines in the smtp result?
          

          You do not want to see those two lines before TLS.

          You can test an encrypted connection using the openssl s_client subcommand; you should see the AUTH entries after you have completed STARTTLS.


          -- 
          J.
          
        Your message has been successfully submitted and would be delivered to recipients shortly.