Loading ...
Sorry, an error occurred while loading the content.

Re: 250-AUTH LOGIN PLAIN & 250-AUTH=LOGIN PLAIN

Expand Messages
  • Jeroen Geilman
    ... That could mean one of three things: either you have not enabled SASL on port 587, or you have set smtpd_tls_auth_only = yes on port 587, which prevents
    Message 1 of 3 , Jun 20, 2013
    • 0 Attachment
      On 06/20/2013 11:19 AM, Mohsen Pahlevanzadeh wrote:
      Dear all,
      when i use 
      telnet 0 587, i get the following result:
      Trying 0.0.0.0...
      Connected to 0.
      Escape character is '^]'.
      220 mail.pahlevanzadeh.info ESMTP Postfix
      AND WHEN I USE EHLO COMMAND, I GET THE FOLLOWING RESULT:
      ehlo localhost
      250-mail.pahlevanzadeh.infousing
      250-PIPELINING
      250-SIZE 10240000
      250-VRFY
      250-ETRN
      250-STARTTLS
      250-ENHANCEDSTATUSCODES
      250-8BITMIME
      250 DSN
      
      But i don't see two following lines in above:
      250-AUTH LOGIN PLAIN
      250-AUTH=LOGIN PLAIN
      

      That could mean one of three things: either you have not enabled SASL on port 587, or you have set "smtpd_tls_auth_only = yes" on port 587, which prevents AUTH before TLS, or you have enforced TLS, which has the same effect.

      From main.cf:

      	smtpd_sasl_auth_enable = yes
      	smtpd_sasl_path = inet:localhost:1023
      	smtpd_sasl_security_options = noanonymous
      	smtpd_sasl_type = dovecot
      	smtpd_tls_auth_only = no
      
      From your master.cf entry for submission:
      	submission inet  n       -       -       -       -       smtpd 
      		-o smtpd_tls_security_level=encrypt 
      
      It's reason #3: you enforce TLS on submission.
      

      I attached my main.cf and my master.cf,
      i have a newbie question: if i get good result, should i run dovecot?

      Dovecot serves several functions, two or three of which can be integrated with postfix.
      If you're using dovecot as your SASL provider, you're already running it.

      second question: how i can see the two lines in the smtp result?
      

      You do not want to see those two lines before TLS.

      You can test an encrypted connection using the openssl s_client subcommand; you should see the AUTH entries after you have completed STARTTLS.


      -- 
      J.
      
    Your message has been successfully submitted and would be delivered to recipients shortly.