0001020: Missing login auth mech and trimmed unsupported auth mechs from dovecot.conf

Viewing Issue Simple Details [ Jump to Notes ]

[ View Advanced ] [ Issue History ] [ Print ]

Tags

No tags attached.

Attached Files

etc_postfix_main.cf.patch [^] (172 bytes) 2008-12-31 09:39

etc_postfix_sasl_smtpd.conf.patch [^] (286 bytes) 2008-12-31 09:39

Relationships

has duplicate

0001173

closed

JamieWolf

dovecot.conf: unsupported auth-mechanisms listed (Gentoo, 1.4.2-r1-ebuild)

Notes
(0000043) JamieWolf (developer) 2008-12-01 12:20	This is due to smtpd_helo_required = yes. Your Mail Client seems to send a wrong EHLO. (Which Client do U use?). Please check http://www.postfix.org/SMTPD_ACCESS_README.html [^] for further info about it. Remember to let your client authenticate before he wants to send mails :) BTW. SSL / No SSL? Also exchanging the following line might help smtpd_recipient_restrictions = reject_unlisted_recipient permit_mynetworks permit_sasl_authenticated reject_unauth_destination reject_invalid_helo_hostname reject_unknown_helo_hostname reject_non_fqdn_helo_hostname reject_unknown_sender_domain if it doesn't set smtpd_helo_required = no and check if this help.

(0000049) JamieWolf (developer) 2008-12-01 12:54	554 5.7.1 <imf12bis.bellsouth.net>: Helo command rejected: Host not found; Here the sending host did give a FQDN, but that name didn't really exist in the Domain Name Service (DNS for short). This error happens when the host knows itself by one name but the Internet knows it by another name. The names presented to the internet must be self-consistent. For me it seems more an Issue, that the user is not authenticated before. Do U use dovecot or Cyrus as SASL Auth?

(0000207) monotek (reporter) 2008-12-31 09:41	Added patches for Syscp 1.4.2 which fix the problem in ubuntu.

(0000225) indigo-inc (reporter) 2009-01-11 00:56	I had the same problem and I could it fix using the normal SysCP templates for dovecot and postfix and could it fix adding "login" to auth mechanisms. dovecot.conf: auth default { mechanisms = plain login digest-md5 cram-md5 ntlm rpa [...] (see http://wiki.dovecot.org/HowTo/PostfixAndDovecotSASL [^] for further details)

(0000301) JamieWolf (developer) 2009-02-23 18:14	monotek you definitly made a wrong conclusion. Because Dovecot offers the NTML Auth Mech, Outlook tries to use it, since it is better than plain or login. So now the client can not auth, since cram, NTML etc. are not supported by Syscp. So the rule in sender restrictions permit_sasl_authenticated does not fire. Which means the client is rejected due to one of these rules reject_invalid_helo_hostname reject_unknown_helo_hostname reject_non_fqdn_helo_hostname reject_unknown_sender_domain. By deleting cram ntlm etc. from auth mechs and adding login, the client now can sasl auth and is permitted to send mail. So ur solution may work, but is not the real conclusion to this problem. I've fixed the confs in the SVN.

(0000323) monotek (reporter) 2009-02-28 20:36	I checked this now with a complete new Ubuntu 8.04.2 and Syscp 1.4.2 trunk revision 2674. Sending mail does not work: [quote] Feb 28 20:15:25 server5 postfix/smtpd[7253]: connect from BAD99b9.bad.pppool.de[77.131.153.185] Feb 28 20:15:25 server5 postfix/smtpd[7253]: warning: SASL authentication failure: Password verification failed Feb 28 20:15:25 server5 postfix/smtpd[7253]: warning: BAD99b9.bad.pppool.de[77.131.153.185]: SASL PLAIN authentication failed: authentication failure Feb 28 20:15:25 server5 postfix/smtpd[7253]: warning: BAD99b9.bad.pppool.de[77.131.153.185]: SASL LOGIN authentication failed: authentication failure Feb 28 20:15:25 server5 postfix/smtpd[7253]: NOQUEUE: reject: RCPT from BAD99b9.bad.pppool.de[77.131.153.185]: 450 4.7.1 <CORE>: Helo command rejected: Host not found; from=<mail@monotek.ath.cx> to=<monotek@gmx.net> proto=ESMTP helo=<CORE> Feb 28 20:15:25 server5 postfix/smtpd[7253]: disconnect from BAD99b9.bad.pppool.de[77.131.153.185] [/quote]

(0000331) Flo (administrator) 2009-03-04 11:40	Please monotek, be more precise with the error log. You can't read anything out of it, except the fact that it doesn't work (obviously).

(0000332) monotek (reporter) 2009-03-04 12:36	I used exactly the new postfix / dovecot configtemplates of current trunk. This is the complete log. What else do you need? Cant you reproduce it in Ubuntu?

(0000333) adlerweb (reporter) 2009-03-04 13:31	Some feedback from my side: #2653 solved the problem with Thunderbird and Outlook for me (Gentoo). monotek: restarted dovecot & postfix? sure the password is correct?

(0000334) monotek (reporter) 2009-03-04 13:42	Yes, of course. All mail services are restarted. POP3 Works. Therefore password should be OK.

(0000335) Flo (administrator) 2009-03-04 15:32	Monotek, I recently changed the /etc/postfix/sasl/smtpd.conf. Could you please try again? Dovecot sasl works for me.

(0000337) monotek (reporter) 2009-03-04 16:24	Testserver is offline. Will check this again asap.

SVN - commits
(#2585) radiation 2009-01-29 15:57	refs #1020 A branches/radiation/ticket_1020/

(#2586) radiation 2009-01-29 16:05	patch applied, refs #1020 U branches/radiation/ticket_1020/templates/misc/configfiles/debian_etch/postfix/etc_postfix_sasl_smtpd.conf U branches/radiation/ticket_1020/templates/misc/configfiles/ubuntu_hardy/postfix/etc_postfix_sasl_smtpd.conf

(#2589) radiation 2009-01-29 16:15	reverting changes because of other problems, needs further checks, refs #1020 D branches/radiation/ticket_1020/

(#2611) jamiewolf 2009-02-22 23:36	brach refs #1020 A branches/jamiewolf/ticket_1020/

(#2612) jamiewolf 2009-02-22 23:44	added login to the auth mechs refs #1020 U branches/jamiewolf/ticket_1020/templates/misc/configfiles/debian_etch/dovecot/etc_dovecot_dovecot.conf U branches/jamiewolf/ticket_1020/templates/misc/configfiles/gentoo/dovecot/etc_dovecot_dovecot.conf U branches/jamiewolf/ticket_1020/templates/misc/configfiles/ubuntu_hardy/dovecot/etc_dovecot_dovecot.conf

(#2631) jamiewolf 2009-02-23 12:36	removed cram digest ... auth mechs, since those are not supported refs #1020 U branches/jamiewolf/ticket_1020/templates/misc/configfiles/debian_etch/dovecot/etc_dovecot_dovecot.conf U branches/jamiewolf/ticket_1020/templates/misc/configfiles/gentoo/dovecot/etc_dovecot_dovecot.conf U branches/jamiewolf/ticket_1020/templates/misc/configfiles/ubuntu_hardy/dovecot/etc_dovecot_dovecot.conf

(#2653) flo 2009-02-24 10:12	Merged branches/jamiewolf/ticket_1020 to trunk/syscp, fixes #1020 D branches/jamiewolf/ticket_1020/ U trunk/syscp/templates/misc/configfiles/debian_etch/dovecot/etc_dovecot_dovecot.conf U trunk/syscp/templates/misc/configfiles/gentoo/dovecot/etc_dovecot_dovecot.conf U trunk/syscp/templates/misc/configfiles/ubuntu_hardy/dovecot/etc_dovecot_dovecot.conf

Issue History
Date Modified	Username	Field	Change
2008-11-30 20:34	monotek	New Issue
2008-12-01 12:20	JamieWolf	Note Added: 0000043
2008-12-01 12:43	monotek	Note Added: 0000047
2008-12-01 12:44	JamieWolf	Priority	normal => low
2008-12-01 12:44	JamieWolf	Severity	major => minor
2008-12-01 12:44	JamieWolf	Status	new => feedback
2008-12-01 12:44	JamieWolf	Status	feedback => assigned
2008-12-01 12:44	JamieWolf	Assigned To	=> JamieWolf
2008-12-01 12:54	JamieWolf	Note Added: 0000049
2008-12-01 13:02	monotek	Note Added: 0000050
2008-12-01 21:46	monotek	Note Added: 0000071
2008-12-01 22:58	monotek	Note Edited: 0000071
2008-12-01 23:27	monotek	Note Edited: 0000071
2008-12-01 23:27	monotek	Note Edited: 0000071
2008-12-12 22:31	monotek	Note Added: 0000167
2008-12-13 21:25	monotek	Note Added: 0000170
2008-12-13 21:26	monotek	Note Edited: 0000170
2008-12-13 21:42	monotek	Note Edited: 0000170
2008-12-13 21:42	monotek	Note Edited: 0000170
2008-12-13 21:55	monotek	Note Edited: 0000170
2008-12-13 23:42	monotek	Note Added: 0000171
2008-12-14 02:07	monotek	Note Added: 0000172
2008-12-31 09:39	monotek	File Added: etc_postfix_main.cf.patch
2008-12-31 09:39	monotek	File Added: etc_postfix_sasl_smtpd.conf.patch
2008-12-31 09:41	monotek	Note Added: 0000207
2009-01-11 00:56	indigo-inc	Note Added: 0000225
2009-01-28 10:44	monotek	Note Added: 0000235
2009-01-28 16:29	monotek	Note Deleted: 0000235
2009-01-29 14:56	RadiatioN	Assigned To	JamieWolf => RadiatioN
2009-01-29 15:57	RadiatioN	Checkin
2009-01-29 16:05	RadiatioN	Checkin
2009-01-29 16:07	RadiatioN	Target Version	=> 1.4.3
2009-01-29 16:15	RadiatioN	Checkin
2009-01-29 16:15	RadiatioN	Target Version	1.4.3 =>
2009-02-22 23:36	JamieWolf	Checkin
2009-02-22 23:44	JamieWolf	Checkin
2009-02-22 23:49	JamieWolf	Assigned To	RadiatioN => JamieWolf
2009-02-22 23:49	JamieWolf	Projection	none => minor fix
2009-02-22 23:49	JamieWolf	Target Version	=> 1.4.3
2009-02-23 11:21	monotek	Note Added: 0000282
2009-02-23 11:22	monotek	Note Edited: 0000282
2009-02-23 11:23	monotek	Note Edited: 0000282
2009-02-23 12:36	JamieWolf	Checkin
2009-02-23 14:21	JamieWolf	Relationship added	has duplicate 0001173
2009-02-23 14:23	JamieWolf	Summary	Postfix - customer cant send mails - Helo command rejected => Missing login auth mech and trimmed unsupported auth mechs from dovecot.conf
2009-02-23 18:14	JamieWolf	Note Added: 0000301
2009-02-23 18:50	monotek	Note Added: 0000302
2009-02-24 10:12	Flo	Checkin
2009-02-24 10:12	Flo	Status	assigned => resolved
2009-02-24 10:12	Flo	Resolution	open => fixed
2009-02-28 20:36	monotek	Note Added: 0000323
2009-02-28 20:36	monotek	Status	resolved => feedback
2009-02-28 20:36	monotek	Resolution	fixed => reopened
2009-02-28 20:36	monotek	Note Deleted: 0000047
2009-02-28 20:36	monotek	Note Deleted: 0000050
2009-02-28 20:36	monotek	Note Deleted: 0000071
2009-02-28 20:36	monotek	Note Deleted: 0000167
2009-02-28 20:36	monotek	Note Deleted: 0000170
2009-02-28 20:36	monotek	Note Deleted: 0000171
2009-02-28 20:37	monotek	Note Deleted: 0000172
2009-02-28 20:37	monotek	Note Deleted: 0000282
2009-02-28 20:37	monotek	Note Deleted: 0000302
2009-03-04 11:40	Flo	Note Added: 0000331
2009-03-04 12:36	monotek	Note Added: 0000332
2009-03-04 13:31	adlerweb	Note Added: 0000333
2009-03-04 13:42	monotek	Note Added: 0000334
2009-03-04 15:32	Flo	Note Added: 0000335
2009-03-04 16:24	monotek	Note Added: 0000337
2009-03-27 10:44	Flo	Target Version	1.4.2.1 => 1.4.3