My best guess is that your qmail is advertising an encrypted authentication protocol (probably CRAM-MD5) that it doesn't actually support, perhaps because your passwords are not stored in an unencrypted format. My theory is supported by your discovery of the "mail.smtpserver.default.trySecAuth" setting in Thunderbird -- that value probably controls whether Thunderbird uses encrypted protocols. When the clients try to authenticate with the encrypted protocol, they fail.
Try this: edit your "run" file where spamdyke's and qmail's command lines are found. At the end of the line, you'll probably see this: /var/qmail/bin/qmail-smtpd /var/qmail/bin/smtp_auth /var/qmail/bin/true /var/qmail/bin/cmd5checkpw /var/qmail/bin/true Edit that portion to just this: /var/qmail/bin/qmail-smtpd Restart qmail so the change will take effect. This change _should_ prevent qmail from advertising SMTP AUTH, including the encrypted protocols it doesn't support. However, because spamdyke's configuration file includes the "smtp-auth-command" lines, spamdyke will advertise unencrypted SMTP AUTH on qmail's behalf. It will process the authentications and disable its filters. If my theory is correct, this change should solve your problem. -- Sam Clippinger Stefan Pausch wrote: > Thanks for the response. I will go more into detail : > > - i won't strip the IP or eMails from the logs. Enjoy my data :P > - I guess i have an issue with non-plaintext SMTP-Authentication with QMail > (Plesk 8.4 installation). Maybe i have to patch the basic qmail > installation? > - Outlook works fine. No issues here. > - Log entrys for Outlook and patched thunderbird2: > > spamdyke[25426]: INFO: found A record for p5b01c232.dip.t-dialin.net: > 91.1.194.50 > smtp_auth: SMTP connect from (null)@p5b01c232.dip.t-dialin.net [91.1.194.50] > smtp_auth: smtp_auth: SMTP user : logged in from > (null)@p5b01c232.dip.t-dialin.net [91.1.194.50] > smtp_auth: SMTP connect from (null)@p5b01c232.dip.t-dialin.net [91.1.194.50] > smtp_auth: smtp_auth: SMTP user : logged in from > (null)@p5b01c232.dip.t-dialin.net [91.1.194.50] > spamdyke[25426]: ALLOWED from: [EMAIL PROTECTED] to: [EMAIL PROTECTED] > origin_ip: 91.1.194.50 origin_rdns: p5b01c232.dip.t-dialin.net auth: > [EMAIL PROTECTED] > > - Thunderbird and "The Bat" show following log entries with SMTP-Auth > enabled, Non secure connection and correct password (pop3 auth works!): > > spamdyke[22736]: INFO: found A record for p5b01c232.dip.t-dialin.net: > 91.1.194.50 > spamdyke[22736]: INFO: found TXT record for 50.194.1.91.zen.spamhaus.org: > http://www.spamhaus.org/query/bl?ip=91.1.194.50 > ... > smtp_auth: smtp_auth: FAILED: - password incorrect () from > (null)@p5b01c232.dip.t-dialin.net [91.1.194.50] > spamdyke[24578]: DENIED_RBL_MATCH from: [EMAIL PROTECTED] to: > [EMAIL PROTECTED] origin_ip: 91.1.194.50 origin_rdns: > p5b01c232.dip.t-dialin.net auth: (unknown) > (dont worry about the spamdyke ids ... i just dont find the correct lines > anymore, but the the output is exat the same, besides the ids) > > - If i change the about:config "mail.smtpserver.default.trySecAuth" value in > Thunderbird 2 from "true" to "false" thunderbird users can send emails > > - Is this a issue with spamdyke ( i guess not ) or directly with > qmail-smtp-auth which doesn't understand a crypted smtp-auth query? - Is > there an easy way to fix, or do i really have to recompile qmail (again.. > sigh)? > > --Stefan > > > > >> -----Ursprüngliche Nachricht----- >> Von: [EMAIL PROTECTED] [mailto:spamdyke-users- >> [EMAIL PROTECTED] Im Auftrag von Sam Clippinger >> Gesendet: Sonntag, 18. Mai 2008 18:28 >> An: spamdyke users >> Betreff: Re: [spamdyke-users] SMTP auth and spamhaus issues with "The >> Bat" >> >> I use Thunderbird myself and I've never had any problems. I'm not sure >> what you mean by "wrong authentication type". >> >> Could you enable full logging and send me a log from a connection that >> authenticates and is still blocked? >> >> -- Sam Clippinger >> >> Stefan Pausch wrote: >> >>> I just ran into a DENIED_RBL_MATCH issue with "The Bat" >>> (http://ritlabs.com/) users. The user uses the latest version of "The >>> >> Bat" >> >>> with SMTP Auth and no SSL Authentifications on and gets denied due >>> >> the >> >>> spamhaus listing . >>> >>> I guess it is the same issue as with thunderbird, which uses a >>> >> "wrong" >> >>> authentication type. I tested "The bat with several settings" and >>> >> couldn't >> >>> find a solution for the error >>> >>> Has any of you a solution for ths smtp-auth misbehavior? >>> >>> System: Debian, qmail, spamdyke >>> >>> Spamdyke.conf: >>> >>> 1 log-level=2 >>> 2 log-target=1 >>> 3 local-domains-file=/var/qmail/control/rcpthosts >>> 4 idle-timeout-secs=300 >>> 5 graylist-dir=/var/qmail/spamdyke/greylist >>> 6 graylist-min-secs=300 >>> 7 graylist-max-secs=4814400 >>> 8 policy-url=http://stefanpausch.com/greylist.php >>> 9 sender-blacklist-file=/var/qmail/spamdyke/blacklist_senders >>> 10 recipient-blacklist-file=/var/qmail/spamdyke/blacklist_recipients >>> 11 ip-in-rdns-keyword-file=/var/qmail/spamdyke/blacklist_keywords >>> 12 ip-blacklist-file=/var/qmail/spamdyke/blacklist_ip >>> 13 rdns-blacklist-dir=/var/qmail/spamdyke/blacklist_rdns.d >>> 14 rdns-whitelist-file=/var/qmail/spamdyke/whitelist_rdns >>> 15 ip-whitelist-file=/var/qmail/spamdyke/whitelist_ip >>> 16 sender-whitelist-file=/var/qmail/spamdyke/whitelist_sender >>> 17 greeting-delay-secs=3 >>> 18 tls-certificate-file=/var/qmail/control/servercert.pem >>> 19 local-domains-file=/var/qmail/control/rcpthosts >>> 20 smtp-auth-command=/var/qmail/bin/smtp_auth /var/qmail/bin/true >>> 21 smtp-auth-command=/var/qmail/bin/cmd5checkpw /var/qmail/bin/true >>> 22 check-dnsrbl=ix.dnsbl.manitu.net >>> 23 #check-dnsrbl=zen.spamhaus.org >>> 24 check-dnsrbl=list.dsbl.org >>> 25 check-dnsrbl=zombie.dnsbl.sorbs.net >>> 26 check-dnsrbl=dul.dnsbl.sorbs.net >>> 27 check-dnsrbl=bogons.cymru.com >>> 28 reject-missing-sender-mx >>> 29 reject-empty-rdns >>> 30 reject-unresolvable-rdns >>> 31 tls-certificate-file=/var/qmail/control/servercert.pem >>> 32 hostname-file=/var/qmail/control/me >>> >>> >>> __________ Information from ESET NOD32 Antivirus, version of virus >>> >> signature >> >>> database 3106 (20080516) __________ >>> >>> The message was checked by ESET NOD32 Antivirus. >>> >>> http://www.eset.com >>> >>> >>> _______________________________________________ >>> spamdyke-users mailing list >>> spamdyke-users@spamdyke.org >>> http://www.spamdyke.org/mailman/listinfo/spamdyke-users >>> >>> >> _______________________________________________ >> spamdyke-users mailing list >> spamdyke-users@spamdyke.org >> http://www.spamdyke.org/mailman/listinfo/spamdyke-users >> >> __________ Information from ESET NOD32 Antivirus, version of virus >> signature database 3106 (20080516) __________ >> >> The message was checked by ESET NOD32 Antivirus. >> >> http://www.eset.com >> > > > > __________ Information from ESET NOD32 Antivirus, version of virus signature > database 3106 (20080516) __________ > > The message was checked by ESET NOD32 Antivirus. > > http://www.eset.com > > > _______________________________________________ > spamdyke-users mailing list > spamdyke-users@spamdyke.org > http://www.spamdyke.org/mailman/listinfo/spamdyke-users > _______________________________________________ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users