On Mar 23, 2018 6:56 AM, Denis <[email protected]> wrote: > > Dear list members, > > OpenSMTPd is a part of OpenBSD 6.2amd64 system I'm running. > > Having trouble with authentication on smtpd 465 and 587 ports. Both > TLSv1.2 wrapped and authentication is PLAIN after TLS is negotiated. > > Local PLAIN auth (without TLS/SSL) works fine on port 25 while I connect > from the same machine by email client directly. > > For <user_password> table I've used 'smtpctl enctypt' command. Dovecot > uses the same table for authentication and auth users successfully > either on TLSv1.2 enctyped port 993. > > -------------------------------------- > $ tail -n 15 /var/log/maillog > smtpd[91077] smtp event=connected address=192.168.1.15 host= > 192.168.1.15 chiphers="version=TLSv1.2, cipher=XXX, bits=256" > smtpd[91077] smtp event=authentication [email protected] > address=192.168.1.15 host=192.168.1.15 result=permfail > smtpd[91077] smtp event=failed-command address=192.168.1.15 > host=192.168.1.15 command="AUTH PLAIN (...)" result="535 Authentication > failed" > smtpd[91077] smtp event=authentication [email protected] > address=192.168.1.15 host=192.168.1.15 result=permfail > smtpd[91077] smtp event=failed-command address=192.168.1.15 > host=192.168.1.15 command="AUTH LOGIN (password)" result="535 > Authentication failed" > > -------------------------------------- > $ cat /etc/mail/smtpd.conf > ... > pki smtp.domain.com cetficate "/etc/mail/smtpd.domain.com.crt" > pki smtp.domain.com key "/etc/mail/smtpd.domain.com.key" > > ciphers TLSv1.2 > ... > table alias db:/etc/mail/alias.db > table virtual db:/etc/mail/virtual.db > table domains file:/etc/mail/domains > table user_password file:/etc/mail/user_password > ... > > listen on lo0 port smtp tls pki smtp.domain.com > listen on lo0 port 465 tls-require auth <user_password> pki smtp.domain.com > listen on lo0 port 587 tls-require auth <user_password> pki smtp.domain.com > > ... > > accept from local for local alias <alias> deliver to lmtp > "/dovecot/lmtp> rcpt-to > accept from any for domain <domains> virtual <virtual> deliver to lmtp > "/dovecot/lmtp" rcpt-to > ... > > -------------------------------------- > > What can be wrong? > > Denis >
Try authentication with just the user part plus password. Ie: user Instead of [email protected] > -- > You received this mail because you are subscribed to [email protected] > To unsubscribe, send a mail to: [email protected] >
