There is no AUTH on port 25, take 587. suomi
On 06/28/2016 05:15 AM, Michael Fox wrote:
I’ve been using Postfix for a while with no client submission. I’m trying to set up SASL for the first time, using Dovecot, to support virtual users. When I connect with EHLO, I do NOT see “AUTH” capabilities. Of course, I’m following: http://www.postfix.org/SASL_README.html First of all, Dovecot is installed and authentication works $ telnet localhost 110 Trying 127.0.0.1... Connected to localhost.localdomain. Escape character is '^]'. +OK Dovecot ready. user <virtualuser>@<virtual.domain> +OK pass secret +OK Logged in. quit +OK Logging out. Connection closed by foreign host. $ And mail is delivered to the virtual mailboxes just fine. This tells me that the Dovecot passdb and userdb are working. Now, following the SASL_README: $ postconf -a cyrus dovecot $ postconf -A cyrus I followed the instructions in SASL_README for “Configuring Dovecot SASL”, plus … smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth smtpd_sasl_auth_enable = yes The socket exists ~$ sudo ls -l /var/spool/postfix/private total 0 … srw-rw---- 1 postfix postfix 0 Jun 27 18:55 auth … $ After reload, the next step in the README is to try a connection. But I don’t get any AUTH options: $ telnet localhost 25 Trying 127.0.0.1... Connected to localhost.localdomain. Escape character is '^]'. 220 xxxxx ESMTP Postfix (Ubuntu) EHLO client.example.com 250-xxxxx 250-PIPELINING 250-SIZE 102400 250-VRFY 250-ETRN 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN QUIT 221 2.0.0 Bye Connection closed by foreign host. $ I don’t know what to do next. Thanks for any help. Thanks, Michael $ postconf -n alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases anvil_rate_time_unit = 60s append_at_myorigin = yes append_dot_mydomain = yes biff = no bounce_queue_lifetime = 8h bounce_template_file = /etc/postfix/bounce.cf broken_sasl_auth_clients = yes canonical_maps = pcre:/etc/postfix/canonical.pcre config_directory = /etc/postfix content_filter = amavisfeed:[127.0.0.1]:10024 delay_warning_time = 2h fast_flush_domains = $relay_domains header_checks = pcre:/etc/postfix/header_checks.pcre html_directory = /usr/share/doc/postfix/html inet_interfaces = all mailbox_size_limit = 5120000 maximal_queue_lifetime = 8h message_size_limit = 102400 mydestination = $myhostname localhost.$mydomain localhost.localdomain localhost mydomain = <my.domain> mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 192.168.8.0/24 myorigin = /etc/mailname postscreen_access_list = permit_mynetworks cidr:/etc/postfix/postscreen_access.cidr postscreen_blacklist_action = drop postscreen_dnsbl_action = enforce postscreen_dnsbl_reply_map = pcre:/etc/postfix/postscreen_dnsbl_reply_map.pcre postscreen_dnsbl_sites = zen.spamhaus.org*3 bl.spameatingmonkey.net*2 psbl.surriel.com*2 bl.spamcop.net hostkarma.junkemailfilter.com=127.0.0.2 dnsbl.sorbs.net bl.mailspike.net swl.spamhaus.org*-4 list.dnswl.org=127.0.[0..255].0*-1 list.dnswl.org=127.0.[0..255].1*-2 list.dnswl.org=127.0.[0..255].2*-3 list.dnswl.org=127.0.[0..255].3*-4 postscreen_dnsbl_threshold = 3 postscreen_dnsbl_ttl = 5m postscreen_greet_action = enforce proxy_interfaces = <my.external.ip.address> readme_directory = /usr/share/doc/postfix recipient_delimiter = + relay_domains = n6mef.ampr.org relay_recipient_maps = pcre:/etc/postfix/relay_recipients.pcre relay_restrictions = check_sender_access pcre:/etc/postfix/relay_sender_access.pcre remote_header_rewrite_domain = invalid.domain smtp_host_lookup = native smtp_sasl_auth_enable = yes smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) smtpd_client_connection_count_limit = 10 smtpd_client_connection_rate_limit = 10 smtpd_client_restrictions = permit_mynetworks reject_unknown_reverse_client_hostname check_client_access pcre:/etc/postfix/client_access.pcre reject_rbl_client zen.spamhaus.org permit smtpd_data_restrictions = reject_unauth_pipelining reject_multi_recipient_bounce permit smtpd_delay_reject = yes smtpd_error_sleep_time = 5s smtpd_etrn_restrictions = permit_mynetworks reject smtpd_hard_error_limit = 10 smtpd_helo_required = yes smtpd_helo_restrictions = reject_invalid_helo_hostname reject_non_fqdn_helo_hostname permit_mynetworks reject_unknown_helo_hostname check_helo_access pcre:/etc/postfix/helo_access.pcre permit smtpd_junk_command_limit = 2 smtpd_recipient_restrictions = reject_non_fqdn_recipient reject_unknown_recipient_domain permit_mynetworks reject_unauth_destination check_recipient_access pcre:/etc/postfix/recipient_access.pcre check_recipient_access pcre:/etc/postfix/relay_recipient_access.pcre permit smtpd_reject_unlisted_recipient = yes smtpd_restriction_classes = relay_restrictions smtpd_sasl_path = private/auth smtpd_sasl_type = dovecot smtpd_sender_restrictions = reject_non_fqdn_sender reject_unknown_sender_domain permit_mynetworks check_sender_access pcre:/etc/postfix/sender_access.pcre check_sender_mx_access cidr:/etc/postfix/sender_mx_access.cidr reject_rhsbl_sender dsn.rfc-clueless.org permit smtpd_soft_error_limit = 5 smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtpd_use_tls = no strict_rfc821_envelopes = yes transport_maps = hash:/etc/postfix/transport unknown_address_reject_code = 550 unknown_client_reject_code = 550 unknown_hostname_reject_code = 550 unknown_local_recipient_reject_code = 550 unverified_recipient_reject_code = 550 unverified_sender_reject_code = 550 virtual_alias_maps = hash:/etc/postfix/virtual virtual_mailbox_domains = <my.virtual.domain.name> virtual_transport = lmtp:unix:private/dovecot-lmtp