Postfix configured SASL auth OK, but Outlook login kept being rejected
Hello, Linux experts
I would deeply appreciate it if anyone could guide me out of this puzzle. I've been working on this for more than one week and still have no clue.

Problem: My postfix is configured for SASL auth using shadow, and you can get a correct response while using telnet ip 25 and the EHLO command. However, using an MUA to access this server with SMTP auth for an smtp relay will get a time-out (my Mac OS X's mail) or 0x800CCC92 (my Windows Outlook) message. On the other hand, my Windows Outlook will succeed in getting this server to relay my mail if I uncheck the "My SMTP server requires login" option!! And I'm sure my Windows computer is not included in the $mynetworks arg. However, this happened after a severe system fault and redhat-reinstall; I copied the old configuration overwriting it, removed a location, then, voila, this is what I got.

Network configuration:
1. FC2, Postfix 2.0.18, Cyrus-sasl-2.1.18 (w/ md5, devel, plain pkgs), dovecot-0.99.10.4;
2. Server behind an IP-sharing box (D-Link DI704P), configured as DMZ host (no protection, only NAT), with its own iptables protecting itself;

Related configuration file clips:
1. /etc/postfix/main.cf:
    allow_untrusted_routing = no
    broken_sasl_auth_clients = yes
    default_database_type = hash
    mydestination = $mydomain, $myhostname, mail.mydomain.net
    mydomain = mydomain.net
    myhostname = master.mydomain.net
    mynetworks = 127.0.0.1/32
    mynetworks_style = host
    myorigin = $mydomain
    owner_request_special = yes
    relay_domains =$mydomain, $mynetworks
    relay_domains_reject_code = 554
    smtpd_client_restrictions =
    smtpd_data_restrictions =
    smtpd_delay_reject = yes
    smtpd_enforce_tls = no
    smtpd_error_sleep_time = 1s
    smtpd_etrn_restrictions =
    smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
    smtpd_application_name = smtpd
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_local_domain =
    smtpd_sasl_security_options =
    smtpd_sender_login_maps =
    smtpd_sender_restrictions =
2. /usr/local/lib/sasl2/smtpd.conf:
    pwcheck_method: saslauthd
    mech_list:PLAIN LOGIN
3. /etc/sysconfig/saslauthd:
    SOCKETDIR=/var/run/saslauthd
    MECH=shadow
    FLAG=

Error messages when smtp auth rejected:
1. /var/log/messages: none, nothing
2. /var/log/maillog: nada, not an error or warning

Ethereal packet capturing:
1. smtp_svr_ip client_ip tcp smtp > 3587 [SYN, ACK] Seq=1639628106 Ack=1384803406 Win=5840 Len=0
2. client_ip smtp_svr_ip tcp 3587 > smtp [ACK] Seq=1384803406 Ack=1639628107 Win=65535 Len=0
3. smtp_svr_ip client_ip smtp Response: 220 vssr.client_domain ESMTP client-gateway
4. client_ip smtp_svr_ip smtp Command: EHLO client_host
5. smtp_svr_ip client_ip tcp smtp > 3587 [ACK] Seq=1639628164 Ack=1384803426 Win=5840 Len=0
6. smtp_svr_ip client_ip smtp Response: 250-AUTH LOGIN PLAIN
7. client_ip smtp_svr_ip tcp 3587 > smtp [ACK] Seq=1384803426 Ack=1639628186 Win=65456 Len=0
8. smtp_svr_ip client_ip smtp Response: 250 vssr.client_domain
9. client_ip smtp_svr_ip smtp Command: AUTH LOGIN
10. smtp_svr_ip client_ip smtp Response: 334 VXNlcm5hbWU6
11. client_ip smtp_svr_ip smtp Message Body

Please, this really beats me, I'm completely lost.
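The SMTP lines from the capture in the post above, run through a small AUTH LOGIN decoder to show how far the exchange got. This is an added example, not part of the original post; the function names and the S/C transcript layout are assumptions made for illustration.

```python
import base64
import binascii

# Constructed transcript: only the SMTP lines visible in the capture above
# ("S" = server, "C" = client). Frame 11 shows no payload on the page, so it is omitted.
CAPTURE = [
    ("S", "220 vssr.client_domain ESMTP client-gateway"),
    ("C", "EHLO client_host"),
    ("S", "250-AUTH LOGIN PLAIN"),
    ("S", "250 vssr.client_domain"),
    ("C", "AUTH LOGIN"),
    ("S", "334 VXNlcm5hbWU6"),
]

def _b64(text):
    """Decode a base64 token; return None when it is not valid base64."""
    try:
        return base64.b64decode(text, validate=True).decode("utf-8", "replace")
    except (binascii.Error, ValueError):
        return None

def trace_auth_login(lines):
    """Annotate an AUTH LOGIN dialogue and return (final_state, notes)."""
    state, notes, prompt = "pre-auth", [], None
    for side, text in lines:
        code, _, rest = text.partition(" ")
        if side == "C" and text.upper().startswith("AUTH LOGIN"):
            state = "auth-started"
        elif side == "S" and code == "334" and state != "pre-auth":
            # 334 carries a base64 prompt ("Username:" / "Password:").
            prompt = _b64(rest.strip())
            notes.append(f"server prompt: {prompt!r}")
            state = "awaiting-client-reply"
        elif side == "C" and state == "awaiting-client-reply":
            # base64 is an encoding, not encryption: never echo the password.
            is_password = (prompt or "").lower().startswith("password")
            shown = "<redacted>" if is_password else _b64(text.strip())
            notes.append(f"client reply: {shown!r}")
            state = "awaiting-server"
        elif side == "S" and state == "awaiting-server" and code == "235":
            state = "authenticated"
        elif side == "S" and state == "awaiting-server" and code.startswith("5"):
            state = "rejected"
    return state, notes

if __name__ == "__main__":
    final_state, log = trace_auth_login(CAPTURE)
    print(final_state, log)
```

On the posted lines the trace stops right after the server's first prompt, before any 235 or 5xx reply is seen.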
Are you using TLS with SASL2?
Outlook doesn't support TLS!!! I had too many problems with it also.
Thanks, but no, I'm not using TLS.
Whatever the root cause(s) are, I've logged two weird symptoms and I'd like to learn why:
1. Inside a LAN behind D-Link DI-704P, a client MUA cannot specify the SMTP server by hostname, only by virtual IP;
2. My office computer w/ Outlook2002, for some reason, can make some non-Open Relay SMTP servers accept its relay access w/o giving username and password! On the contrary, if I give my Outlook acct/passwd for SMTP, it will not pass thru.