LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices

Reply
 
Search this Thread
Old 01-03-2005, 03:11 AM   #1
randy_liu_tw
LQ Newbie
 
Registered: Nov 2004
Posts: 2

Rep: Reputation: 0
Postfix configured SASL auth OK, but Outlook login kept rejected


Hello, Linux experts

I deeply appreciate if anyone could guide me out of this puzzle. I've been working on this for more than one week and still has no clue.

Problem:
My postfix is configured as SASL auth using shadow, and you can get correct response while using telnet ip 25 and EHLO command. However, using MUA to access this server using SMTP auth for an smtp relay, will get time-out (my MAC OS X's mail) or 0x800CCC92 (My windows outlook) messages. On the other hand, my windows outlook will succeed getting this server relay my mail if uncheck "My SMTP server requires login" option!! And, I'm sure my windows computer is not included in $mynetworks arg.

However, this happens after a severe system fault and redhat-reinstall, I copied old configuration overwriting it, removed a location, then, voila, this is what I got.

Network configuration:
1. FC2, Postfix 2.0.18, Cyrus-sasl-2.1.18(w/ md5, devel, plain pkgs), dovecot-0.99.10.4;
2. Server behind an IP-sharing box (D-Link DI704P), configured as DMZ host(no protection, only NAT), with its own iptables protecting itself;

Related configuration file clips:
1. /etc/postfix/main.cf:
allow_untrusted_routing = no

broken_sasl_auth_clients = yes

default_database_type = hash

mydestination = $mydomain, $myhostname, mail.mydomain.net
mydomain = mydomain.net
myhostname = master.mydomain.net
mynetworks = 127.0.0.1/32
mynetworks_style = host
myorigin = $mydomain

owner_request_special = yes

relay_domains =$mydomain, $mynetworks
relay_domains_reject_code = 554

smtpd_client_restrictions =
smtpd_data_restrictions =
smtpd_delay_reject = yes
smtpd_enforce_tls = no
smtpd_error_sleep_time = 1s
smtpd_etrn_restrictions =

smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination

smtpd_application_name = smtpd
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options =
smtpd_sender_login_maps =
smtpd_sender_restrictions =

2. /usr/local/lib/sasl2/smtpd.conf:
pwcheck_method: saslauthd
mech_list:PLAIN LOGIN

3. /etc/sysconfig/saslauthd:
SOCKETDIR=/var/run/saslauthd
MECH=shadow
FLAG=

Error messages when smtp auth rejected:
1. /var/log/messages:
none, nothing
2. /var/log/maillog:
nada, not an error or warning

Etheral packet capturing:
1. smtp_svr_ip client_ip tcp smtp > 3587 [SYN, ACK] Seq=1639628106 Ack=1384803406 Win=5840 Len=0
2. client_ip smtp_svr_ip tcp 3587 > smtp [ACK] Seq=1384803406 Ack=1639628107 Win=65535 Len=0
3. smtp_svr_ip client_ip smtp Response: 220 vssr.client_domain ESMTP client-gateway
4. client_ip smtp_svr_ip smtp Command: EHLO client_host
5. smtp_svr_ip client_ip tcp smtp > 3587 [ACK] Seq=1639628164 Ack=1384803426 Win=5840 Len=0
6. smtp_svr_ip client_ip smtp Response: 250-AUTH LOGIN PLAIN
7. client_ip smtp_svr_ip tcp 3587 > smtp [ACK] Seq=1384803426 Ack=1639628186 Win=65456 Len=0
8. smtp_svr_ip client_ip smtp Response: 250 vssr.client_domain
9. client_ip smtp_svr_ip smtp Command: AUTH LOGIN
10. smtp_svr_ip client_ip smtp Response: 334 VXNlcm5hbWU6
11. client_ip smtp_svr_ip smtp Message Body

Please, this really beats me, I'm complete lost.
 
Old 01-13-2005, 08:17 AM   #2
x86br
Newbie
 
Registered: Jan 2003
Posts: 26

Rep: Reputation: 15
Are u using TLS with SASL2?

Outlook dont support TLS!!!

I has to many problems with it also.
 
Old 01-14-2005, 03:56 AM   #3
randy_liu_tw
LQ Newbie
 
Registered: Nov 2004
Posts: 2

Original Poster
Rep: Reputation: 0
Thanks, but no, I'm not using TLS.

Whatever the root cause(s) are, I've logged two weird symptons and I'd like to learn why:
1. Inside a LAN behind D-Link DI-704P, a client MUA cannot specify SMTP server by hostname, only by virtual IP;

2. My office computer w/ Outlook2002, for some reasons, can make some non-Open Relay SMTP servers accept its relay access w/o giving username and password! On the contrary, if I give my outlook acct/passwd for SMTP, it will not pass thru.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Postfix SASL Auth...Problems... JamesGolick Linux - Software 1 08-05-2005 11:32 AM
Sasl auth probleme freelinuxcpp Debian 0 06-28-2004 10:10 AM
Would like to get CourierImap, Sasl and ProFTPd to auth from MySql pembo13 Linux - Networking 0 03-29-2004 11:26 PM
SMTP AUTH, SASL and Sendmail not getting along prozach Linux - Software 0 12-02-2003 06:10 PM
SASL-AUTH Postfix Mandrake 9.1 jsnow50 Linux - Software 0 09-29-2003 05:27 PM


All times are GMT -5. The time now is 09:44 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration