mail.btopenworld.com randomly transmogrifies into pop-smtp1-f.bt.mail.vip.ird.yahoo.com, defeating SASL.

Tue, 21 Oct 2008 10:06:17 -0700 

Hi Brian,
I'll comment on your remarks regarding reject_unverified_sender later, when I've had the opportunity to read / test thoroughly. 


On 21 Oct 2008, at 17:24, Brian Evans - Postfix List wrote:

...
BTW.. btopenworld.com use yahoo MXs:
[EMAIL PROTECTED] ~ $ host btopenworld.com
btopenworld.com has address 213.121.143.193
btopenworld.com mail is handled by 30 mx2.bt.mail.yahoo.com.
btopenworld.com mail is handled by 20 mx1.bt.mail.yahoo.com.

The original message issue, that caused the bounce, can be solved by
using SASL on the smtp client to begin with.
See http://www.postfix.org/SASL_README.html#client_sasl for details.



Unfortunately there's more to it than this.

SASL is already configured on the host:

$ sudo grep btopenworld.com /etc/postfix/*
/etc/postfix/main.cf:relayhost = [mail.btopenworld.com]

/etc/postfix/sasl_passwd:mail.btopenworld.com	 
[EMAIL PROTECTED]:password

Binary file /etc/postfix/sasl_passwd.db matches
$


Unfortunately, something random appears to be happening involving the  
relayhost mail.btopenworld.com randomly transmogrifying into pop-smtp1- 
f.bt.mail.vip.ird.yahoo.com - presumably this is what's preventing  
postfix from authenticating to it:



$ for foo in 1 2 3 4 5 6 7 8 9 10 ; do echo "Subject: test $foo of 10  
from [EMAIL PROTECTED]" |  /usr/sbin/sendmail -f [EMAIL PROTECTED] [EMAIL PROTECTED] 
 ; sleep 5 ; done

$ grep stellar /var/log/mail.log

Oct 21 18:00:46 freds-computer postfix/smtp[9252]: E17D427B8F8: to=<[EMAIL PROTECTED] 
>, relay=mail.btopenworld.com[217.146.188.192], delay=2, status=sent  
(250 ok 1224608450 qp 17271)
Oct 21 18:00:50 freds-computer postfix/smtp[9252]: EA10027B8FA: to=<[EMAIL PROTECTED] 
>, relay=mail.btopenworld.com[217.146.188.192], delay=1, status=sent  
(250 ok 1224608454 qp 28650)
Oct 21 18:00:57 freds-computer postfix/smtp[9252]: B730927B8FC: to=<[EMAIL PROTECTED] 
>, relay=mail.btopenworld.com[217.146.188.192], delay=2, status=sent  
(250 ok 1224608461 qp 65459)
Oct 21 18:01:02 freds-computer postfix/smtp[9252]: BC9BF27B8FE: to=<[EMAIL PROTECTED] 
>, relay=mail.btopenworld.com[217.146.188.192], delay=2, status=sent  
(250 ok 1224608465 qp 56539)
Oct 21 18:01:06 freds-computer postfix/smtp[9252]: C20EF27B900: to=<[EMAIL PROTECTED] 
>, relay=mail.btopenworld.com[217.146.188.192], delay=1, status=sent  
(250 ok 1224608470 qp 18520)
Oct 21 18:01:13 freds-computer postfix/smtp[9252]: C79AC27B902: to=<[EMAIL PROTECTED] 
>, relay=mail.btopenworld.com[217.146.188.192], delay=3, status=sent  
(250 ok 1224608477 qp 65839)
Oct 21 18:01:19 freds-computer postfix/smtp[9252]: CD6D427B904: to=<[EMAIL PROTECTED] 
>, relay=mail.btopenworld.com[217.146.188.192], delay=4, status=sent  
(250 ok 1224608483 qp 33693)
Oct 21 18:01:21 freds-computer postfix/smtp[9252]: D31C427B906: to=<[EMAIL PROTECTED] 
>, relay=mail.btopenworld.com[217.146.188.192], delay=1, status=sent  
(250 ok 1224608485 qp 65680)
Oct 21 18:01:26 freds-computer postfix/smtp[9252]: D89AE27B908: to=<[EMAIL PROTECTED] 
>, relay=pop-smtp1-f.bt.mail.vip.ird.yahoo.com[217.146.188.192],  
delay=1, status=bounced (host pop-smtp1- 
f.bt.mail.vip.ird.yahoo.com[217.146.188.192] said: 530 authentication  
required - for help go to http://help.yahoo.com/help/us/mail/pop/pop-11.html 
 (in reply to MAIL FROM command))
Oct 21 18:01:32 freds-computer postfix/smtp[9252]: DE04A27B90D: to=<[EMAIL PROTECTED] 
>, relay=mail.btopenworld.com[217.146.188.192], delay=2, status=sent  
(250 ok 1224608495 qp 66901)

$ host mail.btopenworld.com
mail.btopenworld.com has address 217.146.188.192
mail.btopenworld.com is an alias for pop-smtp.bt.mail.yahoo.com.

pop-smtp.bt.mail.yahoo.com is an alias for pop-smtp1- 
f.bt.mail.vip.ird.yahoo.com.

mail.btopenworld.com is an alias for pop-smtp.bt.mail.yahoo.com.

pop-smtp.bt.mail.yahoo.com is an alias for pop-smtp1- 
f.bt.mail.vip.ird.yahoo.com.

pop-smtp1-f.bt.mail.vip.ird.yahoo.com mail is handled by 0 .
$ host 217.146.188.192
192.188.146.217.in-addr.arpa domain name pointer mail.btopenworld.com.



I'm pretty sure that I read something about this a couple of weeks ago  
(when I was setting this system up) and that a later version of  
Postfix behaves in the desired manner, but I can't find the resource  
for this now. I obviously wanted to stick with the version installed  
by Apple and, having stuck the square brackets around  
[mail.btopenworld.com] in the relayhost line of main.cf it _seemed_ to  
be all working. As you can see from all the output above, the problem  
is not consistent, so I didn't notice it in my testing and it was only  
after a week or two of use that the user became aware that SOME  
recipients were not receiving messages.



The temptation is obviously to stick pop-smtp.bt.mail.yahoo.com and  
pop-smtp1-f.bt.mail.vip.ird.yahoo.com in the sasl_passwd.db with the  
same credentials, but I fear this will break in the future when BT  
alias to yet another different mailserver.


Stroller.






















					Reply via email to