> Begin forwarded message: > > From: Pete Long <[email protected]> > Subject: Re: Submission Creds only Accepted on LAN? > Date: 8 August 2021 at 21:04:41 BST > To: [email protected] > > >> On 8 Aug 2021, at 19:55, Reio Remma <[email protected]> wrote: >> >> On 08.08.2021 21:53, Pete Long wrote: >>> Hi Reio, >>> >>> Yes it's set with SSL (as Apple's iPhone mail app shows) on port 587. The >>> authentication method is 'password'. >> >> Do you see from smtpd logs that a connection is made and credentials fail? > > Here's the output from 'smtpd -dv -Tlookup' when using my mobile phone: > > > debug: smtpd: offline scanning done > 93d95e59d30926fa smtp connected address=148.252.132.246 host=<unknown> > debug: looking up pki "mydomain.tld" > debug: session_start_ssl: switching to SSL > debug: pony: rsae_priv_enc > 93d95e59d30926fa smtp tls ciphers=TLSv1.3:TLS_AES_256_GCM_SHA384:256 > smtp: 0x800ed5000: smtp_cert_verify_cb: no-client-cert > 93d95e59d30926fa smtp authentication user=pete result=permfail > 93d95e59d30926fa smtp failed-command command="AUTH PLAIN (...)" result="535 > Authentication failed" > 93d95e59d30926fa smtp disconnected reason=disconnect > > > Here's the output when I send on my LAN (same debug command): > > debug: looking up pki "mydomain.tld" > debug: session_start_ssl: switching to SSL > debug: pony: rsae_priv_enc > 93d95e5a86cc1911 smtp tls ciphers=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256 > smtp: 0x800ed5000: smtp_cert_verify_cb: no-client-cert > 93d95e5a86cc1911 smtp authentication user=pete result=ok > lookup: match "10.1.2.3" as NETADDR in table static:<anyhost> -> true > lookup: match "outlook.com" as DOMAIN in table static:<anydestination> -> true > > > I don't see the 'lookup: match' lines in the log output when sending from my > phone for some reason. > > > Pete. >
As an update and my conclusion for now, submission auth works if there is a PTR record for the connecting IP address (at least with my config). I created a test account and used the very helpful https://www.smtper.net site (which of course has PTR records) to successfully send an email to an outside domain via my OpenSMTP server. I can live with that for now. Pete.
smime.p7s
Description: S/MIME cryptographic signature
