Re: local authentification problem

Fri, 15 Jun 2012 08:23:05 -0700 


Le 15/06/2012 16:51, Brian Evans - Postfix List a écrit :

On 6/15/2012 9:26 AM, Alain Deseine wrote:

When i try locally, using telnet, it's ok again :

*ks3094730:~ # telnet localhost 25
Trying ::1...
Connected to localhost.
Escape character is '^]'.
220 xxx.hhhh.fr ESMTP Postfix
EHLO TETE
250-AUTH GSSAPI LOGIN PLAIN DIGEST-MD5
*

Notice that AUTH is offered in your basic test.

*250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
*

But ignored.



Yes, i agree, but it's for verification that postfix accept mail from 
localohost, without any identification. And it work.



The problem begin when i try to use the webmail installed on the same
host.

Here is the logs i get :

*Jun 15 15:15:44 xxxx dovecot: imap-login: Login: user=<[email protected]>,
method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=14359, TLS
Jun 15 15:15:44 xxxx postfix/smtpd[14241]: connect from
localhost[127.0.0.1]
Jun 15 15:15:44 xxxx postfix/smtpd[14241]: warning:
localhost[127.0.0.1]: SASL LOGIN authentication failed: authentication
failure
Jun 15 15:15:44 xxxx postfix/smtpd[14241]: lost connection after AUTH
from localhost[127.0.0.1]
Jun 15 15:15:44 xxxx postfix/smtpd[14241]: disconnect from
localhost[127.0.0.1]
*

The CLIENT disconnects after the AUTH failed, not POSTFIX.



Here again i agree with you, but if the client disconnect, that's 
because postfis tell that the authentication fail.



I don't understand because i setup postfix to  NOT use SASL
authentication for localhost :


That statement is incorrect.  You ALLOW localhost OR SASL authenticated
to relay but nothing says disable for localhost.


There is something i don't understand. Tell me if i'm wrong :

permit_mynetworks in the smtpd_recipient_restrictions configuration item is for 
telling postfix to relay FROM client that use local IP adress.

And local IP address are defined by the $mynetworks variable. As 
mynetworks_style = host, 127.0.0.0/8 is included in $mynetworks.

So when i do la local telnet WITHOUT AUTH postfix accept to relay mail, and 
that's ok.

But when the open xchange webmail try the same (with an ip adress = 127.0.0.1) 
postfix try to authenticate with SASL.

At this point i don't understand why in same conditions (client send mail from 
127.0.0.1 to some outside e-mail) postfix in one case authorise relaying, and 
in the other case try to do SMTP AUTH ...
























					Reply via email to