Postfix configured SASL auth OK, but Outlook login kept rejected
 

Hello, Linux experts

I deeply appreciate if anyone could guide me out of this puzzle. I've been working on this for more than one week and still has no clue.

Problem:
My postfix is configured as SASL auth using shadow, and you can get correct response while using telnet ip 25 and EHLO command. However, using MUA to access this server using SMTP auth for an smtp relay, will get time-out (my MAC OS X's mail) or 0x800CCC92 (My windows outlook) messages. On the other hand, my windows outlook will succeed getting this server relay my mail if uncheck "My SMTP server requires login" option!! And, I'm sure my windows computer is not included in $mynetworks arg.

However, this happens after a severe system fault and redhat-reinstall, I copied old configuration overwriting it, removed a location, then, voila, this is what I got.

Network configuration:
1. FC2, Postfix 2.0.18, Cyrus-sasl-2.1.18(w/ md5, devel, plain pkgs), dovecot-0.99.10.4;
2. Server behind an IP-sharing box (D-Link DI704P), configured as DMZ host(no protection, only NAT), with its own iptables protecting itself;

Related configuration file clips:
1. /etc/postfix/main.cf:
allow_untrusted_routing = no

broken_sasl_auth_clients = yes

default_database_type = hash

mydestination = $mydomain, $myhostname, mail.mydomain.net
mydomain = mydomain.net
myhostname = master.mydomain.net
mynetworks = 127.0.0.1/32
mynetworks_style = host
myorigin = $mydomain

owner_request_special = yes

relay_domains =$mydomain, $mynetworks
relay_domains_reject_code = 554

smtpd_client_restrictions =
smtpd_data_restrictions =
smtpd_delay_reject = yes
smtpd_enforce_tls = no
smtpd_error_sleep_time = 1s
smtpd_etrn_restrictions =

smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination

smtpd_application_name = smtpd
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options =
smtpd_sender_login_maps =
smtpd_sender_restrictions =

2. /usr/local/lib/sasl2/smtpd.conf:
pwcheck_method: saslauthd
mech_list:PLAIN LOGIN

3. /etc/sysconfig/saslauthd:
SOCKETDIR=/var/run/saslauthd
MECH=shadow
FLAG=

Error messages when smtp auth rejected:
1. /var/log/messages:
none, nothing
2. /var/log/maillog:
nada, not an error or warning

Etheral packet capturing:
1. smtp_svr_ip client_ip tcp smtp > 3587 [SYN, ACK] Seq=1639628106 Ack=1384803406 Win=5840 Len=0
2. client_ip smtp_svr_ip tcp 3587 > smtp [ACK] Seq=1384803406 Ack=1639628107 Win=65535 Len=0
3. smtp_svr_ip client_ip smtp Response: 220 vssr.client_domain ESMTP client-gateway
4. client_ip smtp_svr_ip smtp Command: EHLO client_host
5. smtp_svr_ip client_ip tcp smtp > 3587 [ACK] Seq=1639628164 Ack=1384803426 Win=5840 Len=0
6. smtp_svr_ip client_ip smtp Response: 250-AUTH LOGIN PLAIN
7. client_ip smtp_svr_ip tcp 3587 > smtp [ACK] Seq=1384803426 Ack=1639628186 Win=65456 Len=0
8. smtp_svr_ip client_ip smtp Response: 250 vssr.client_domain
9. client_ip smtp_svr_ip smtp Command: AUTH LOGIN
10. smtp_svr_ip client_ip smtp Response: 334 VXNlcm5hbWU6
11. client_ip smtp_svr_ip smtp Message Body

Please, this really beats me, I'm complete lost.

Are u using TLS with SASL2?

Outlook dont support TLS!!!

I has to many problems with it also.

Thanks, but no, I'm not using TLS.

Whatever the root cause(s) are, I've logged two weird symptons and I'd like to learn why:
1. Inside a LAN behind D-Link DI-704P, a client MUA cannot specify SMTP server by hostname, only by virtual IP;

2. My office computer w/ Outlook2002, for some reasons, can make some non-Open Relay SMTP servers accept its relay access w/o giving username and password! On the contrary, if I give my outlook acct/passwd for SMTP, it will not pass thru.