Dear
I don't understand why but i think that Postfix did want to send the
authentication request in the SMTP protocol.
In this case , the client (thunderbird) cannot send authentication
parameters trough Internet.
When executing saslfinger, there is not information in the -- mechanisms
on localhost -- i think that perhaps this is the problem.
How can i resolv it
Many thanks
Output debug log
Jan 23 15:09:23 mx1 postfix/smtpd[25192]: >>> START Sender address
RESTRICTIONS <<<
Jan 23 15:09:23 mx1 postfix/smtpd[25192]: generic_checks:
name=permit_sasl_authenticated
Jan 23 15:09:23 mx1 postfix/smtpd[25192]: generic_checks:
name=permit_sasl_authenticated status=0
Jan 23 15:09:23 mx1 postfix/smtpd[25192]: generic_checks:
name=permit_mynetworks
Jan 23 15:09:23 mx1 postfix/smtpd[25192]: permit_mynetworks:
129.168.201-77.rev.gaoland.net 77.201.168.129
Jan 23 15:09:23 mx1 postfix/smtpd[25192]: match_hostname:
129.168.201-77.rev.gaoland.net ~? 127.0.0.0/8
Jan 23 15:09:23 mx1 postfix/smtpd[25192]: match_hostaddr: 77.201.168.129
~? 127.0.0.0/8
Jan 23 15:09:23 mx1 postfix/smtpd[25192]: match_hostname:
129.168.201-77.rev.gaoland.net ~? [::ffff:127.0.0.0]/104
Jan 23 15:09:23 mx1 postfix/smtpd[25192]: match_hostaddr: 77.201.168.129
~? [::ffff:127.0.0.0]/104
Jan 23 15:09:23 mx1 postfix/smtpd[25192]: match_hostname:
129.168.201-77.rev.gaoland.net ~? [::1]/128
Jan 23 15:09:23 mx1 postfix/smtpd[25192]: match_hostaddr: 77.201.168.129
~? [::1]/128
Jan 23 15:09:23 mx1 postfix/smtpd[25192]: match_hostname:
129.168.201-77.rev.gaoland.net ~? 91.121.48.19
Jan 23 15:09:23 mx1 postfix/smtpd[25192]: match_hostaddr: 77.201.168.129
~? 91.121.48.19
Jan 23 15:09:23 mx1 postfix/smtpd[25192]: match_list_match:
129.168.201-77.rev.gaoland.net: no match
Jan 23 15:09:23 mx1 postfix/smtpd[25192]: match_list_match:
77.201.168.129: no match
Jan 23 15:09:23 mx1 postfix/smtpd[25192]: generic_checks:
name=permit_mynetworks status=0
Jan 23 15:09:23 mx1 postfix/smtpd[25192]: >>> END Sender address
RESTRICTIONS <<<
Jan 23 15:09:23 mx1 postfix/smtpd[25192]: >>> START Recipient address
RESTRICTIONS <<<
Jan 23 15:09:23 mx1 postfix/smtpd[25192]: generic_checks:
name=permit_sasl_authenticated
Jan 23 15:09:23 mx1 postfix/smtpd[25192]: generic_checks:
name=permit_sasl_authenticated status=0
Jan 23 15:09:23 mx1 postfix/smtpd[25192]: generic_checks:
name=permit_mynetworks
Jan 23 15:09:23 mx1 postfix/smtpd[25192]: permit_mynetworks:
129.168.201-77.rev.gaoland.net 77.201.168.129
Jan 23 15:09:23 mx1 postfix/smtpd[25192]: match_hostname:
129.168.201-77.rev.gaoland.net ~? 127.0.0.0/8
Jan 23 15:09:23 mx1 postfix/smtpd[25192]: match_hostaddr: 77.201.168.129
~? 127.0.0.0/8
Jan 23 15:09:23 mx1 postfix/smtpd[25192]: match_hostname:
129.168.201-77.rev.gaoland.net ~? [::ffff:127.0.0.0]/104
Jan 23 15:09:23 mx1 postfix/smtpd[25192]: match_hostaddr: 77.201.168.129
~? [::ffff:127.0.0.0]/104
Jan 23 15:09:23 mx1 postfix/smtpd[25192]: match_hostname:
129.168.201-77.rev.gaoland.net ~? [::1]/128
Jan 23 15:09:23 mx1 postfix/smtpd[25192]: match_hostaddr: 77.201.168.129
~? [::1]/128
Jan 23 15:09:23 mx1 postfix/smtpd[25192]: match_hostname:
129.168.201-77.rev.gaoland.net ~? 91.121.48.19
Jan 23 15:09:23 mx1 postfix/smtpd[25192]: match_hostaddr: 77.201.168.129
~? 91.121.48.19
Jan 23 15:09:23 mx1 postfix/smtpd[25192]: match_list_match:
129.168.201-77.rev.gaoland.net: no match
Jan 23 15:09:23 mx1 postfix/smtpd[25192]: match_list_match:
77.201.168.129: no match
Jan 23 15:09:23 mx1 postfix/smtpd[25192]: generic_checks:
name=permit_mynetworks status=0
Jan 23 15:09:23 mx1 postfix/smtpd[25192]: generic_checks: name=reject
Jan 23 15:09:23 mx1 postfix/smtpd[25192]: NOQUEUE: reject: RCPT from
129.168.201-77.rev.gaoland.net[77.201.168.129]: 554 5.7.1
<da...@xxx.eu>: Recipient address rejected: Access denied;
from=<dtouz...@xxx.org> to=<da...@xxx.eu> proto=ESMTP
helo=<[192.168.1.20]>
Jan 23 15:09:23 mx1 postfix/smtpd[25192]: generic_checks: name=reject
status=2
Output of saslfinger, you can see there is no -- mechanisms on localhost
--
saslfinger - postfix Cyrus sasl configuration samedi 23 janvier 2010,
15:04:40 (UTC+0100)
version: 1.0.4
mode: server-side SMTP AUTH
-- basics --
Postfix: 2.5.5
System: Debian GNU/Linux 5.0 \n \l
-- smtpd is linked to --
libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0xb7d7c000)
-- active SMTP AUTH and TLS parameters for smtpd --
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_path = smtpd
smtpd_sasl_security_options = noanonymous
smtpd_tls_CAfile = /etc/ssl/certs/postfix/ca.csr
smtpd_tls_ask_ccert = no
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/ssl/certs/postfix/ca.crt
smtpd_tls_key_file = /etc/ssl/certs/postfix/ca.key
smtpd_tls_received_header = yes
smtpd_tls_req_ccert = no
smtpd_tls_security_level = none
smtpd_tls_session_cache_database = btree:$data_directory/smtpd_tls_cache
smtpd_use_tls = yes
-- content of /usr/lib/sasl2/smtpd.conf --
pwcheck_method: saslauthd
mech_list: plain login
log_level: 5
-- content of /etc/postfix/sasl/smtpd.conf --
pwcheck_method: saslauthd
mech_list: plain login
log_level: 5
-- content of /etc/postfix/sasl/smtpd.conf --
pwcheck_method: saslauthd
mech_list: plain login
log_level: 5
-- active services in /etc/postfix/master.cf --
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
smtp inet n - n - - smtpd -v
pickup fifo n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
tlsmgr unix - - n 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - n - - smtp
relay unix - - n - - smtp
-o fallback_relay=
showq unix n - n - - showq
error unix - - n - - error
discard unix - - n - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
scan unix - - n - 10 smtp
maildrop unix - n n - - pipe
retry unix - - n - - error
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail
($recipient)
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender
$recipient
scalemail-backend unix - n n - 2 pipe
flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store
${nexthop} ${user} ${extension}
mailman unix - n n - - pipe
flags=FR user=mail:mail argv=/etc/mailman/postfix-to-mailman.py
${nexthop} ${mailbox}
artica-whitelist unix - n n - - pipe
flags=F user=mail argv=/usr/share/artica-postfix/bin/artica-whitelist
-a ${nexthop} -s ${sender} --white
artica-blacklist unix - n n - - pipe
flags=F user=mail argv=/usr/share/artica-postfix/bin/artica-whitelist
-a ${nexthop} -s ${sender} --black
artica-reportwbl unix - n n - - pipe
flags=F user=mail argv=/usr/share/artica-postfix/bin/artica-whitelist
-a ${nexthop} -s ${sender} --report
artica-reportquar unix - n n - - pipe
flags=F user=mail argv=/usr/share/artica-postfix/bin/artica-whitelist
-a ${nexthop} -s ${sender} --quarantines
artica-filter unix - n n - 20 pipe
flags=FOh user=www-data
argv=/usr/share/artica-postfix/exec.artica-filter.php -f ${sender} --
-s ${sender} -r ${recipient} -c ${client_address}
-- mechanisms on localhost --
-- end of saslfinger output --
