Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I'm running a CentOS 7 server for my personal domain. My ISP is Verizon and I used to send outgoing mail through their smtp server (with login/authentication). They recently decided it would be a great security feature to only allow outgoing mail with a verizon return address. So, I contracted with someone else to provide my outgoing e-mail service. I should only have had to change the relayhost and the entries in sasl_passwd. Which I did and re-hashed the file. However, it fails to connect and keeps telling me:
Code:
status=deferred (SASL authentication failed; cannot authenticate to server smtp-auth.nowhere.com[38.123.22.160]: no mechanism available)
I am able to telnet to the hostname and port. So, I know it is not a dns resolution problem nor a firewall problem. Just odd that it was working for years to Verizon. I just change the relay and all of a sudden, not mechanism available. I've re-installed cyrus-sasl-plain. No difference.
Check the config of cyrus-sasl, too. I can't tell you which line/s to look for as I don't use cyrus. Then test its IMAP/POP3 ports. You can use openssl for that.
If I understand correctly, you setup a cyrus-sasl. However, the output above does not seems to agree. And as I don't use cyrus-sasl, I won't be able to help you much there.
When an SMTP server receives an incoming connection, it acts as a server.
When an SMTP server connects to another SMTP server, it acts as a client.
When an email client such as Thunderbird connects to SMTP server because it wants to send an email out, it talks to the smtpd persona of the SMTP server. Hence, the smtpd_sasl_type = <whatever> is required.
When the SMTP server receives such connection, it consults its authentication back-end such as cyrus or dovecot.
You are quite correct, but the OP is talking about authenticating to his new relayhost to sent mail OUT from his postfix.
Maybe it has to do with the fairly recent deprecation of the now insecure sslv3 'mechanism' (Debian systems will no longer use it by default, presumably CentOS7 is similar).
Investigation with an online checker such as https://www.ssllabs.com/ or talking to their tech support might help.
Also check out the postfix docs for how to increase the logging level for troubkeshooting this issue.
Last edited by descendant_command; 12-13-2016 at 01:02 AM.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.