Smtp auth: Difference between revisions

When I upgrade to Hardy Heron, it looks like I'll have an easier time getting mail to work.

Here is an Ubuntu-specific recipe that looks like it will do the job:

https://help.ubuntu.com/7.04/server/C/postfix.html

Currently, my mail service is working as long as I don't try to send mail from a remote machine. For instance, if I have a laptop configured to send mail outgoing mail to my server and am connecting through an untrusted network in a coffee shop or a friend's house, I am unable to connect to the server. This must be fixed.

There are several differences between my existing /etc/postfix/main.cf config and the recipe linked above:

However, my server currently generates the correct list of available services when starting a transaction:

root@weasel:/etc/default# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain.
Escape character is '^]'.
220 weasel.finninday.net ESMTP Postfix (Ubuntu)
ehlo weasel.finninday.net
250-weasel.finninday.net
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH LOGIN PLAIN DIGEST-MD5 CRAM-MD5
250 8BITMIME
quit

It even offers the correct services to remote machines:

[rday@snapper ~]$ telnet finninday.net 25
Trying 24.21.185.50...
Connected to finninday.net.
Escape character is '^]'.
220 weasel.finninday.net ESMTP Postfix (Ubuntu)
ehlo weasel.finninday.net
250-weasel.finninday.net
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH LOGIN PLAIN DIGEST-MD5 CRAM-MD5
250 8BITMIME
quit

I found another recipe that said it was actually tested on Dapper Drake and correctly identified the sasl2 package that I stumbled over before.

https://help.ubuntu.com/community/Postfix

So I followed that recipe and made these changes to my main.cf:

root@weasel:/etc/postfix# diff main.cf.orig main.cf
40,41c40,41
< #smtpd_sasl_auth_enable = yes
< smtpd_sasl2_auth_enable = yes
---
> smtpd_sasl_auth_enable = yes
> #smtpd_sasl2_auth_enable = yes
55c55
< smtpd_sasl_local_domain = $mydomain
---
> smtpd_sasl_local_domain = 
59a60,61
> smtp_use_tls = yes
> smtp_tls_note_starttls_offer = yes

And restarted postfix.

When I try to send an email, I get this in the logs:

Apr 21 15:52:15 localhost postfix/smtpd[26421]: connect from PSMFC-fwgt.psmfc.org[205.230.28.193]
Apr 21 15:52:15 localhost postfix/smtpd[26421]: setting up TLS connection from PSMFC-fwgt.psmfc.org[205.230.28.193]
Apr 21 15:52:15 localhost postfix/smtpd[26421]: TLS connection established from PSMFC-fwgt.psmfc.org[205.230.28.193]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
Apr 21 15:52:23 localhost postfix/smtpd[26421]: warning: SASL authentication failure: no secret in database
Apr 21 15:52:23 localhost postfix/smtpd[26421]: warning: PSMFC-fwgt.psmfc.org[205.230.28.193]: SASL CRAM-MD5 authentication failed
Apr 21 15:52:23 localhost postfix/smtpd[26421]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Apr 21 15:52:23 localhost postfix/smtpd[26421]: warning: SASL authentication failure: Password verification failed
Apr 21 15:52:23 localhost postfix/smtpd[26421]: warning: PSMFC-fwgt.psmfc.org[205.230.28.193]: SASL PLAIN authentication failed
Apr 21 15:52:23 localhost postfix/smtpd[26421]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Apr 21 15:52:23 localhost postfix/smtpd[26421]: warning: PSMFC-fwgt.psmfc.org[205.230.28.193]: SASL LOGIN authentication failed
Apr 21 15:52:46 localhost postfix/smtpd[26421]: disconnect from PSMFC-fwgt.psmfc.org[205.230.28.193]