Re: Postfix and Myvzw.com POP3 email
Good evening fellow Postfix-ers: Here is the end result as I have fixed my problem with my authorization issue and Myvzw.com. First of all, postconf -a indicated that my current install (CND solaris package) did not support Cyrus or Dovecot. This led me to do the following: 1. Downloaded from Sunfreeware.com the SASL 2.1.21 Solaris-sparc package (Please note that there's a symbolic link that is recommended on the Sunfreeware page. Depending on your library location, you need to make this link.) 2. Installed SASL using the pkgadd command 3. Configured SASL using the manual SMTP AUTH Using Cyrus and Postfix By Saul Cisneros. 4. Downloaded the latest version (2.7.2) of postfix. In compiling v2.7.2, it is extremely important to pass the correct arguments to your compiler. I used the following commands for Solaris 10: # make makefiles CCARGS=-DUSE_SASL_AUTH -DUSE_CYRUS_SASL-I/usr/include/sasl -I/usr/local/include/sasl -I/usr/local/lib/sasl2 AUXLIBS=-L/usr/local/lib -lsasl2 # make # make install After starting the new postfix up for the first time, I was seeing the following errors when first sending mail from my phone to my postfix server: Dec 29 20:16:59 server-new postfix/smtpd[1560]: [ID 197553 mail.info] connect from 49.sub-174-252-167.myvzw.com[174.252.167.49] Dec 29 20:16:59 server-new postfix/smtpd[1560]: [ID 947731 mail.warning] warning: SASL authentication failure: no secret in database Dec 29 20:16:59 server-new postfix/smtpd[1560]: [ID 947731 mail.warning] warning: 49.sub-174-252-167.myvzw.com[174.252.167.49]: SASL CRAM-MD5 authentication failed: authentication failure Dec 29 20:17:00 server-new postfix/smtpd[1560]: [ID 197553 mail.info] lost connection after AUTH from 49.sub-174-252-167.myvzw.com[174.252.167.49] Dec 29 20:17:00 server-new postfix/smtpd[1560]: [ID 197553 mail.info] disconnect from 49.sub-174-252-167.myvzw.com[174.252.167.49] In order to fix these errors, I had to do the following. 5. Created a SASL authentication db with the following command: # /usr/local/sbin/saslpasswd2 -f /etc/sasldb2 -u domain.com user (this step is not listed in the above manual) 6. Very Important!!! Created the smtpd.conf file in /usr/lib/sasl2. Contents of the conf file are as follows: pwcheck_method: saslauthd saslauthd_version: 2 mech_list: PLAIN LOGIN saslauthd_path: /var/run/saslauthd/mux/mux It should be noted that each time I made changes during trouble-shooting, I restarted postfix. Several times there were missing libraries that it complained about that I had to link or copy over. Also, I had to create a rc script for starting the sasl daemon. I apologize for the lack of technical detail. If anyone has specific questions on how I got this to work please email me at m...@lancertech.com and I will do my best to answer. Respectfully; Mark K. --
Re: Postfix and Myvzw.com POP3 email
Hi Victor: Thank you again for your response. I used the following package to install postfix: CNDpostfix-2.7.1,REV=100609-SunOS5.10-sparc.pkg. If you could please review the information below ,I am hoping that you or someone else in the postfix world can provide some direction on how to enable AUTH based on what I have so far. Please let me know if you need anymore information and I will be more than happy to provide it. According to documentation I should be able to tell what AUTH support is enabled by telneting to the systems mail port (25) and issuing an EHLO command which should list the supported options including AUTH. Here is my output: telnet www.lancertech.com 25 Trying 73.79.104.11... Connected to www.lancertech.com. Escape character is '^]'. 220 mail.lancertech.com ESMTP Postfix ehlo lancertech.com 250-mail.lancertech.com 250-PIPELINING 250-SIZE 4048 250-ETRN 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN As you can see AUTH does not seem to be listed. I am not sure if this is because my main.cf file is not correctly configured or AUTH was not complied into this package. So I decided to look at the smtpd executable to see what AUTH was compiled into it by using the following strings command: rambo-new# strings /usr/libexec/postfix/smtpd | grep -i auth 550 5.7.0 Error: insufficient authorization 550 5.7.0 Error: insufficient authorization smtpd_sasl_auth_enable smtpd_sasl_authenticated_header broken_sasl_auth_clients smtpd_tls_auth_only permit_mynetworks, reject_unauth_destination smtpd_authorized_verp_clients $authorized_verp_clients smtpd_authorized_xclient_hosts smtpd_authorized_xforward_hosts i {auth_type} {auth_authen} {auth_author} {mail_addr} {mail_host} {mail_mailer} reject_unauth_destination reject_authenticated_sender_login_mismatch reject_unauthenticated_sender_login_mismatch permit_auth_destination reject_unauth_destination reject_unauth_pipelining all_auth_mx_addr reject_unauth_pipelining reject_authenticated_sender_login_mismatch reject_unauthenticated_sender_login_mismatch permit_auth_destination reject_unauth_destination permit_sasl_authenticated permit_sasl_authenticated cannot load Certificate Authority data: disabling TLS support AUTH MAIL_CONFIG MAIL_DEBUG MAIL_LOGTAG TZ XAUTHORITY DISPLAY LANG=C debug_peer_list,fast_flush_domains,mynetworks,permit_mx_backup_networks,qmqp d_authorized_clients,relay_domains,smtpd_access_maps send_cyrus_sasl_authzid no_unauth auth smtpd_sasl_auth_enable reject_unauth_destination rambo-new# I know probably not much help from above because I don't know what I am looking for to validate that AUTH is configured properly. Finally, I decided to see what LDD showed. Again there aren't a lot of examples of what these commands should look like if AUTH is installed correctly: libssl.so.0.9.7 = /usr/sfw/lib/libssl.so.0.9.7 libcrypto.so.0.9.7 =/usr/sfw/lib/libcrypto.so.0.9.7 libldap.so.5 = /usr/lib/libldap.so.5 libresolv.so.2 =/lib/libresolv.so.2 libsocket.so.1 =/lib/libsocket.so.1 libnsl.so.1 = /lib/libnsl.so.1 libc.so.1 = /lib/libc.so.1 libsasl.so.1 = /usr/lib/libsasl.so.1 libmd.so.1 =/lib/libmd.so.1 libnspr4.so = /usr/lib/mps/libnspr4.so libplc4.so =/usr/lib/mps/libplc4.so libnss3.so =/usr/lib/mps/libnss3.so libssl3.so =/usr/lib/mps/libssl3.so libmp.so.2 =/lib/libmp.so.2 libscf.so.1 = /lib/libscf.so.1 libpthread.so.1 = /lib/libpthread.so.1 librt.so.1 =/lib/librt.so.1 libdl.so.1 =/lib/libdl.so.1 libnssutil3.so =/usr/lib/mps/libnssutil3.so libplds4.so = /usr/lib/mps/libplds4.so libthread.so.1 =/lib/libthread.so.1 libdoor.so.1 = /lib/libdoor.so.1 libuutil.so.1 = /lib/libuutil.so.1 libgen.so.1 = /lib/libgen.so.1 libaio.so.1 = /lib/libaio.so.1 libssl_extra.so.0.9.7 = /usr/sfw/lib/libssl_extra.so.0.9.7 libcrypto_extra.so.0.9.7 = /usr/sfw/lib/libcrypto_extra.so.0.9.7 libm.so.2 = /lib/libm.so.2 /platform/SUNW,Sun-Blade-100/lib/libc_psr.so.1 /platform/SUNW,Sun-Blade-100/lib/libmd_psr.so.1 /usr/lib/mps/cpu/sparcv8plus/libnspr_flt4.so : On 12/27/10 5:45 PM, Victor Duchovni victor.ducho...@morganstanley.com wrote: On Mon, Dec 27, 2010 at 05:29:18PM -0500, Mark Khan wrote: My postfix server works with all other POP3 email providers (AOL, Meaasgelabs, etc) except Verizon?s myvzw.com which of course is what my new droid X uses. POP3 is configured with just login and password. No TLS. What does POP3 have to do with Postfix? Postfix is NOT a POP server. Here is the the mynetworks configuration line entries from main.cf: # Added verizon wireless IP 174.252.0.0 to MYNETWORKS mynetworks = 174.252.134.106 106.134.252.174.in-addr.arpa. 7157 IN PTR 106.sub-174-252-134
Postfix and Myvzw.com POP3 email
Good Evening: Ok I have struggled and I have no idea what to do next so I would greatly appreciate any and all help. My postfix server works with all other POP3 email providers (AOL, Meaasgelabs, etc) except VerizonĀ¹s myvzw.com which of course is what my new droid X uses. POP3 is configured with just login and password. No TLS. Here is the the mynetworks configuration line entries from main.cf: # Added verizon wireless IP 174.252.0.0 to MYNETWORKS mynetworks = 174.252.134.106 And here are the errors Dec 26 22:54:51 rambo-new postfix/smtpd[1278]: [ID 197553 mail.info] connect from 106.sub-174-252-134.myvzw.com[174.252.134.106] Dec 26 22:54:51 rambo-new postfix/smtpd[1278]: [ID 197553 mail.info] lost connection after UNKNOWN from 106.sub-174-252-134.myvzw.com[174.252.134.106] Dec 26 22:54:51 rambo-new postfix/smtpd[1278]: [ID 197553 mail.info] disconnect from 106.sub-174-252-134.myvzw.com[174.252.134.106] Dec 26 22:54:51 rambo-new postfix/smtpd[1278]: [ID 197553 mail.info] connect from 106.sub-174-252-134.myvzw.com[174.252.134.106] Dec 26 22:54:52 rambo-new postfix/smtpd[1278]: [ID 197553 mail.info] lost connection after UNKNOWN from 106.sub-174-252-134.myvzw.com[174.252.134.106] Dec 26 22:54:52 rambo-new postfix/smtpd[1278]: [ID 197553 mail.info] disconnect from 106.sub-174-252-134.myvzw.com[174.252.134.106] Dec 26 22:54:52 rambo-new postfix/smtpd[1278]: [ID 197553 mail.info] connect from 106.sub-174-252-134.myvzw.com[174.252.134.106] Dec 26 22:54:52 rambo-new postfix/smtpd[1278]: [ID 197553 mail.info] lost connection after UNKNOWN from 106.sub-174-252-134.myvzw.com[174.252.134.106] Dec 26 22:54:52 rambo-new postfix/smtpd[1278]: [ID 197553 mail.info] disconnect from 106.sub-174-252-134.myvzw.com[174.252.134.106] DNS Testing: rambo-new# nslookup myvzw.com Server: 128.29.127.128 Address:128.29.127.128#53 Non-authoritative answer: Name: myvzw.com Address: 207.68.174.238 rambo-new# nslookup 106.sub-174-252-134.myvzw.com Server: 128.29.127.128 Address:128.29.127.128#53 Non-authoritative answer: Name: 106.sub-174-252-134.myvzw.com Address: 174.252.134.106 Again any and all help will be greatly appreciated. Respectfully; Mark K. Respectfully; Mark Khan Joint Communications Support Element Information Assurance Officer 813-828-5747 --
Re: Postfix and Myvzw.com POP3 email
Hi Victor: Here is a snoop snippet of a failed email. I am hoping you can you tell me how to configure postfix to ignore AUTH requests? 105.sub-174-252-160.myvzw.com - rambo-newSMTP C port=50726 rambo-new - 105.sub-174-252-160.myvzw.com SMTP R port=50726 105.sub-174-252-160.myvzw.com - rambo-newSMTP C port=50726 rambo-new - 105.sub-174-252-160.myvzw.com SMTP R port=50726 220 mail.lancertech. 105.sub-174-252-160.myvzw.com - rambo-newSMTP C port=50726 105.sub-174-252-160.myvzw.com - rambo-newSMTP C port=50726 EHLO mail.lancertech rambo-new - 105.sub-174-252-160.myvzw.com SMTP R port=50726 rambo-new - 105.sub-174-252-160.myvzw.com SMTP R port=50726 250-mail.lancertech. 105.sub-174-252-160.myvzw.com - rambo-newSMTP C port=50726 AUTH CRAM-MD5\r\n rambo-new - 105.sub-174-252-160.myvzw.com SMTP R port=50726 rambo-new - 105.sub-174-252-160.myvzw.com SMTP R port=50726 502 5.5.2 Error: com 105.sub-174-252-160.myvzw.com - rambo-newSMTP C port=50726 rambo-new - 105.sub-174-252-160.myvzw.com SMTP R port=50726 rambo-new - 105.sub-174-252-160.myvzw.com SMTP R port=50726 105.sub-174-252-160.myvzw.com - rambo-newSMTP C port=50728 rambo-new - 105.sub-174-252-160.myvzw.com SMTP R port=50728 105.sub-174-252-160.myvzw.com - rambo-newSMTP C port=50726 105.sub-174-252-160.myvzw.com - rambo-newSMTP C port=50728 rambo-new - 105.sub-174-252-160.myvzw.com SMTP R port=50728 220 mail.lancertech. 105.sub-174-252-160.myvzw.com - rambo-newSMTP C port=50728 105.sub-174-252-160.myvzw.com - rambo-newSMTP C port=50728 EHLO mail.lancertech rambo-new - 105.sub-174-252-160.myvzw.com SMTP R port=50728 rambo-new - 105.sub-174-252-160.myvzw.com SMTP R port=50728 250-mail.lancertech. 105.sub-174-252-160.myvzw.com - rambo-newSMTP C port=50728 AUTH PLAIN AG1hawAxN rambo-new - 105.sub-174-252-160.myvzw.com SMTP R port=50728 rambo-new - 105.sub-174-252-160.myvzw.com SMTP R port=50728 502 5.5.2 Error: com 105.sub-174-252-160.myvzw.com - rambo-newSMTP C port=50728 rambo-new - 105.sub-174-252-160.myvzw.com SMTP R port=50728 rambo-new - 105.sub-174-252-160.myvzw.com SMTP R port=50728 105.sub-174-252-160.myvzw.com - rambo-newSMTP C port=50740 rambo-new - 105.sub-174-252-160.myvzw.com SMTP R port=50740 105.sub-174-252-160.myvzw.com - rambo-newSMTP C port=50728 105.sub-174-252-160.myvzw.com - rambo-newSMTP C port=50740 rambo-new - 105.sub-174-252-160.myvzw.com SMTP R port=50740 220 mail.lancertech. 105.sub-174-252-160.myvzw.com - rambo-newSMTP C port=50740 105.sub-174-252-160.myvzw.com - rambo-newSMTP C port=50740 EHLO mail.lancertech rambo-new - 105.sub-174-252-160.myvzw.com SMTP R port=50740 rambo-new - 105.sub-174-252-160.myvzw.com SMTP R port=50740 250-mail.lancertech. 105.sub-174-252-160.myvzw.com - rambo-newSMTP C port=50740 AUTH LOGIN\r\n rambo-new - 105.sub-174-252-160.myvzw.com SMTP R port=50740 rambo-new - 105.sub-174-252-160.myvzw.com SMTP R port=50740 502 5.5.2 Error: com 105.sub-174-252-160.myvzw.com - rambo-newSMTP C port=50740 rambo-new - 105.sub-174-252-160.myvzw.com SMTP R port=50740 rambo-new - 105.sub-174-252-160.myvzw.com SMTP R port=50740 105.sub-174-252-160.myvzw.com - rambo-newSMTP C port=50740 On 12/27/10 5:45 PM, Victor Duchovni victor.ducho...@morganstanley.com wrote: On Mon, Dec 27, 2010 at 05:29:18PM -0500, Mark Khan wrote: My postfix server works with all other POP3 email providers (AOL, Meaasgelabs, etc) except Verizon?s myvzw.com which of course is what my new droid X uses. POP3 is configured with just login and password. No TLS. What does POP3 have to do with Postfix? Postfix is NOT a POP server. Here is the the mynetworks configuration line entries from main.cf: # Added verizon wireless IP 174.252.0.0 to MYNETWORKS mynetworks = 174.252.134.106 106.134.252.174.in-addr.arpa. 7157 IN PTR 106.sub-174-252-134.myvzw.com. What is this host and Why should it host be in mynetworks? Is this a static IP assignment for a Verizon SMTP relay or an individual phone that you want to configure to submit via your server (in either case POP3 is a red-herring). And here are the errors Dec 26 22:54:51 rambo-new postfix/smtpd[1278]: [ID 197553 mail.info] connect from 106.sub-174-252-134.myvzw.com[174.252.134.106] Dec 26 22:54:51 rambo-new postfix/smtpd[1278]: [ID 197553 mail.info] lost connection after UNKNOWN from 106.sub-174-252-134.myvzw.com[174.252.134.106] The SMTP client sent an unsupported SMTP command to Postfix and hung up after Postfix sent: 502 5.5.2 Error: command not recognized --