sasl config confusion postfix 2.10.1

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

sasl config confusion postfix 2.10.1

angelo

 

Hi, I added this to main.cf

 

relayhost = [massmail.uconn.edu]:587

smtp_fallback_relay = [massmail.uconn.edu]:587

smtp_sasl_auth_enable = yes

smtp_sasl_password_maps = hash:/etc/postfix/nexus_passwd

smtp_sasl_security_options =

 

 

I added this to master.cf

submission inet n       -       n       -       -       smtpd

  -o syslog_name=postfix/submission

  -o smtpd_tls_security_level=encrypt

  -o smtpd_sasl_auth_enable=yes

  -o milter_macro_daemon_name=ORIGINATING

 

I reloaded postfix

And see this in logs 

 

[root@production0 alf02013]# grep  89C1F121242FF /var/log/maillog

Aug  7 12:27:28 production0 postfix/cleanup[18993]: 89C1F121242FF: message-id=<[hidden email]>

Aug  7 12:27:28 production0 postfix/bounce[19011]: 85A08121242FE: sender non-delivery notification: 89C1F121242FF

Aug  7 12:27:28 production0 postfix/qmgr[18989]: 89C1F121242FF: from=<>, size=3290, nrcpt=1 (queue active)

Aug  7 12:27:59 production0 postfix/smtp[18995]: 89C1F121242FF: to=<[hidden email]>, relay=massmail.uconn.edu[137.99.26.55]:587, delay=31, delays=0/0/31/0, dsn=5.7.0, status=bounced (host massmail.uconn.edu[137.99.26.55] said: 530 5.7.0 Must issue a STARTTLS command first (in reply to MAIL FROM command))

Aug  7 12:27:59 production0 postfix/qmgr[18989]: 89C1F121242FF: removed

 

 

What am I doing wrong ?

 

Should I see  250-STARTTLS when I do this ???

 

[root@production0 postfix]# telnet localhost 25

Trying ::1...

Connected to localhost.

Escape character is '^]'.

220 production0.nexus.uconn.edu ESMTP Postfix

ehlo uconn.edu  

250-production0.nexus.uconn.edu

250-PIPELINING

250-SIZE 10240000

250-VRFY

250-ETRN

250-ENHANCEDSTATUSCODES

250-8BITMIME

250 DSN

quit

221 2.0.0 Bye

 

 

-ANGELO FAZZINA

 

[hidden email]

University of Connecticut,  ITS, SSG, Server Systems

860-486-9075

 

Reply | Threaded
Open this post in threaded view
|

Re: sasl config confusion postfix 2.10.1

Ralf Hildebrandt-2
* Fazzina, Angelo <[hidden email]>:
>
> Hi, I added this to main.cf
>
> relayhost = [massmail.uconn.edu]:587
> smtp_fallback_relay = [massmail.uconn.edu]:587
> smtp_sasl_auth_enable = yes
> smtp_sasl_password_maps = hash:/etc/postfix/nexus_passwd
> smtp_sasl_security_options =

This is looking ok. You're talking to [massmail.uconn.edu]:587
using SASL and the password is in /etc/postfix/nexus_passwd

> I added this to master.cf
> submission inet n       -       n       -       -       smtpd
>   -o syslog_name=postfix/submission
>   -o smtpd_tls_security_level=encrypt
>   -o smtpd_sasl_auth_enable=yes
>   -o milter_macro_daemon_name=ORIGINATING

I don't think you need this at all.

> Aug  7 12:27:28 production0 postfix/cleanup[18993]: 89C1F121242FF: message-id=<[hidden email]>
> Aug  7 12:27:28 production0 postfix/bounce[19011]: 85A08121242FE: sender non-delivery notification: 89C1F121242FF
> Aug  7 12:27:28 production0 postfix/qmgr[18989]: 89C1F121242FF: from=<>, size=3290, nrcpt=1 (queue active)
> Aug  7 12:27:59 production0 postfix/smtp[18995]: 89C1F121242FF: to=<[hidden email]>, relay=massmail.uconn.edu[137.99.26.55]:587, delay=31, delays=0/0/31/0, dsn=5.7.0, status=bounced (host massmail.uconn.edu[137.99.26.55] said: 530 5.7.0 Must issue a STARTTLS command first (in reply to MAIL FROM command))
> Aug  7 12:27:59 production0 postfix/qmgr[18989]: 89C1F121242FF: removed
>
>
> What am I doing wrong ?

Your machine is client to massmail.uconn.edu
Your machine needs to use STARTTLS before it issues a SMTP AUTH command

smtp_tls_security_level = may

smtp_tls_loglevel  = 1
smtp_tls_note_starttls_offer = yes

# you might need to use your own keys/certificates here, these are
# mine and my paths
smtp_tls_key_file  = /etc/ssl/private/mail-cvk-int.charite.de.key
smtp_tls_cert_file = /etc/ssl/certs/mail-cvk-int.charite.de.pem-chain
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt


--
[*] sys4 AG

https://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München
                                           
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein