Re: intermittent sasl auth fails?

2019-03-17 Thread Viktor Dukhovni
On Sun, Mar 17, 2019 at 10:40:23PM +1100, li...@sbt.net.au wrote:

> Mar 17 22:10:53 postfix/smtpd[11975]: warning:
>   111-222-333-444.static.tpgi.com.au[111.222.333.444]: SASL LOGIN
>   authentication failed: UGFzc3dvcmQ6

Try to avoid pasting SASL-generated base64-encoded strings from
verbose logs; these often contain easily decoded passwords.  In
this case "UGFzc3dvcmQ6" just decodes to "Password:", which I hope
is not the actual password for the account.

> Mar 17 22:14:42 postfix/smtpd[12089]: 5425745329A0:
>   client=111-222-333-444.static.tpgi.com.au 111.222.333.444],
>   sasl_method=PLAIN, sasl_username=m...@tld.com.au
> Mar 17 22:14:43 amavis[11177]: (11177-17) Passed CLEAN {RelayedOutbound},
>   ORIGINATING LOCAL [111.222.333.444]:54608 [111.222.333.444] 
>   -> , Queue-ID: 5425745329A0, Message-ID:
>   <7252a376-030e-0a85-cede-d204206bf...@autopack.com>, mail_id:
>   WUkk9VvorFcd, Hits: 0.076, size: , queued_as: BAE5645329A6, 1303 ms

The SASL login name is "m...@tld.com.au".  The envelope
sender email address is: "m...@tld.com".

> the sasl username is 'm...@tld.com.au' BUT on next line they have
> 'm...@tld.com' (both domains are valid, tld.com as well as tld.com.au) -
> could that be a problem?

No.  The SASL login name need not be, and often isn't, the same as
the envelope sender address.

-- 
Viktor.
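
The point above about base64 strings in SASL log lines, as an added example that is not part of the thread: a Python filter that reports what each token would reveal and redacts it, together with the login name, before an excerpt is posted. The function names, the `[REDACTED]` marker, the sample lines and the shape of the verbose `AUTH PLAIN` line are assumptions made for illustration.

```python
import base64
import re

# Token after "authentication failed:" or after an AUTH command (the AUTH
# form is an assumed shape for a verbose-log line).
TOKEN_RE = re.compile(
    r"(authentication failed: |AUTH (?:PLAIN|LOGIN) )([A-Za-z0-9+/]{4,}={0,2})")
USER_RE = re.compile(r"(sasl_username=)\S+")
PROMPTS = {b"Username:", b"Password:"}  # LOGIN mechanism challenges

def classify(token):
    """Say what a base64 token would reveal to anyone who reads the log."""
    try:
        raw = base64.b64decode(token, validate=True)
    except ValueError:  # binascii.Error is a ValueError subclass
        return "not-base64"
    if raw in PROMPTS:
        return "login-prompt"
    if raw.count(b"\0") == 2:  # PLAIN: authzid NUL authcid NUL passwd
        return "plain-credentials"
    return "opaque"

def scrub(lines):
    """Return (redacted lines, classification of each token removed)."""
    found, out = [], []
    def repl(m):
        kind = classify(m.group(2))
        if kind == "not-base64":  # plain-text reason string, keep it
            return m.group(0)
        found.append(kind)
        return m.group(1) + "[REDACTED]"
    for line in lines:
        out.append(USER_RE.sub(r"\1[REDACTED]", TOKEN_RE.sub(repl, line)))
    return out, found

# Constructed sample input: 192.0.2.10 is a documentation address and the
# credentials are invented; only the first token appears in the thread.
FAKE_PLAIN = base64.b64encode(b"\0user@example.com\0hunter2").decode()
SAMPLE = [
    "Mar 17 22:10:53 postfix/smtpd[11975]: warning: c.example[192.0.2.10]: "
    "SASL LOGIN authentication failed: UGFzc3dvcmQ6",
    "Mar 17 22:10:54 postfix/smtpd[11975]: < c.example[192.0.2.10]: "
    "AUTH PLAIN " + FAKE_PLAIN,
    "Mar 17 22:14:42 postfix/smtpd[12089]: 5425745329A0: client=c.example"
    "[192.0.2.10], sasl_method=PLAIN, sasl_username=user@example.com",
]

if __name__ == "__main__":
    print(*scrub(SAMPLE)[0], sep="\n")
```

Tokens that classify as "opaque" are redacted as well, since a reader of the excerpt cannot tell in advance which of them are harmless.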


Re: intermittent sasl auth fails?

2019-03-17 Thread @lbutlr
On 17 Mar 2019, at 15:47, @lbutlr  wrote:
> On 17 Mar 2019, at 05:40, li...@sbt.net.au wrote:
>> (both domains are valid, tld.com as well as tld.com.au) 
> 
> both are valid in your lookup table? Have you checked this with postman?

postmaP

(sorry, spelling correcting one wild)



-- 
Stone circles were common enough everywhere in the mountains. Druids
built them as weather computers, and since it was always cheaper to
build a new 33-Megalith circle than to upgrade an old slow one, there
were generally plenty of ancient ones around --Lords and Ladies




Re: intermittent sasl auth fails?

2019-03-17 Thread @lbutlr
On 17 Mar 2019, at 05:40, li...@sbt.net.au wrote:
> (both domains are valid, tld.com as well as tld.com.au) 

both are valid in your lookup table? Have you checked this with postman?



-- 
'There has to be enough light,' he panted, 'to see the darkness.'




intermittent sasl auth fails?

2019-03-17 Thread lists
I have a user with TBird saying they get an occasional error when trying to
send with SASL AUTH; looking at the log, I see this:

Mar 17 22:10:44 postfix/smtpd[11975]: connect from
111-222-333-444.static.tpgi.com.au[111.222.333.444]
Mar 17 22:10:45 postfix/smtpd[11975]: Anonymous TLS connection established
from 111-222-333-444.static.tpgi.com.au[111.222.333.444]: TLSv1.2 with
cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)
Mar 17 22:10:47 postfix/smtpd[11975]: warning:
111-222-333-444.static.tpgi.com.au[111.222.333.444]: SASL PLAIN
authentication failed:
Mar 17 22:10:53 postfix/smtpd[11975]: warning:
111-222-333-444.static.tpgi.com.au[111.222.333.444]: SASL LOGIN
authentication failed: UGFzc3dvcmQ6
Mar 17 22:10:59 postfix/smtpd[11975]: warning:
111-222-333-444.static.tpgi.com.au[111.222.333.444]: SASL PLAIN
authentication failed: UGFzc3dvcmQ6
Mar 17 22:11:05 postfix/smtpd[11975]: warning:
111-222-333-444.static.tpgi.com.au[111.222.333.444]: SASL LOGIN
authentication failed: UGFzc3dvcmQ6
Mar 17 22:11:59 postfix/smtpd[11975]: disconnect from
111-222-333-444.static.tpgi.com.au[111.222.333.444] ehlo=2 starttls=1
auth=0/4 quit=1 commands=4/8

Mar 17 22:14:37 postfix/smtpd[12089]: connect from
111-222-333-444.static.tpgi.com.au[111.222.333.444]
Mar 17 22:14:38 postfix/smtpd[12089]: Anonymous TLS connection established
from 111-222-333-444.static.tpgi.com.au[111.222.333.444]: TLSv1.2 with
cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)
Mar 17 22:14:42 postfix/smtpd[12089]: 5425745329A0:
client=111-222-333-444.static.tpgi.com.au 111.222.333.444],
sasl_method=PLAIN, sasl_username=m...@tld.com.au
Mar 17 22:14:42 postfix/smtpd[12089]: disconnect from
111-222-333-444.static.tpgi.com.au[111.222.333.444] ehlo=2 starttls=1
auth=1 mail=1 rcpt=1 data=1 quit=1 commands=8
Mar 17 22:14:43 amavis[11177]: (11177-17) Passed CLEAN {RelayedOutbound},
ORIGINATING LOCAL [111.222.333.444]:54608 [111.222.333.444] 
-> , Queue-ID: 5425745329A0, Message-ID:
<7252a376-030e-0a85-cede-d204206bf...@autopack.com>, mail_id:
WUkk9VvorFcd, Hits: 0.076, size: , queued_as: BAE5645329A6, 1303 ms


h, as I was munging the email address, I've noticed that:

the sasl username is 'm...@tld.com.au' BUT on next line they have
'm...@tld.com' (both domains are valid, tld.com as well as tld.com.au) -
could that be a problem?

how else to t/s this?

V