Re: intermittent sasl auth fails?
On Sun, Mar 17, 2019 at 10:40:23PM +1100, li...@sbt.net.au wrote: > Mar 17 22:10:53 postfix/smtpd[11975]: warning: > 111-222-333-444.static.tpgi.com.au[111.222.333.444]: SASL LOGIN > authentication failed: UGFzc3dvcmQ6 Try to avoid pasting SASL-generated base64-encoded strings from verbose logs, these often contain easily decoded passwords. In this case "UGFzc3dvcmQ6" just decodes to "Password:", which I hope is not the actual password for the account. > Mar 17 22:14:42 postfix/smtpd[12089]: 5425745329A0: > client=111-222-333-444.static.tpgi.com.au 111.222.333.444], > sasl_method=PLAIN, sasl_username=m...@tld.com.au > Mar 17 22:14:43 amavis[11177]: (11177-17) Passed CLEAN {RelayedOutbound}, > ORIGINATING LOCAL [111.222.333.444]:54608 [111.222.333.444] > -> , Queue-ID: 5425745329A0, Message-ID: > <7252a376-030e-0a85-cede-d204206bf...@autopack.com>, mail_id: > WUkk9VvorFcd, Hits: 0.076, size: , queued_as: BAE5645329A6, 1303 ms The SASL login name is "m...@tld.com.au". The envelope sender email address is: "m...@tld.com". > the sasl username is 'm...@tld.com.au' BUT on next line they have > 'm...@tld.com' (both domains are valid, tld.com as well as tld.com.au) - > could that be a problem? No. The SASL login name need not be, and often isn't, the same as the envelope sender address. -- Viktor.
Re: intermittent sasl auth fails?
On 17 Mar 2019, at 15:47, @lbutlr wrote: > On 17 Mar 2019, at 05:40, li...@sbt.net.au wrote: >> (both domains are valid, tld.com as well as tld.com.au) > > both are valid in your lookup table? Have you checked this with postman? postmaP (sorry, spelling correcting one wild) -- Stone circles were common enough everywhere in the mountains. Druids built them as weather computers, and since it was always cheaper to build a new 33-Megalith circle than to upgrade an old slow one, there were generally plenty of ancient ones around --Lords and Ladies
Re: intermittent sasl auth fails?
On 17 Mar 2019, at 05:40, li...@sbt.net.au wrote: > (both domains are valid, tld.com as well as tld.com.au) both are valid in your lookup table? Have you checked this with postman? -- 'There has to be enough light,' he panted, 'to see the darkness.'
intermittent sasl auth fails?
I have a user with TBird saying they get ocassional error when trying to send with SASL AUTH, looking at log, I see this; Mar 17 22:10:44 postfix/smtpd[11975]: connect from 111-222-333-444.static.tpgi.com.au[111.222.333.444] Mar 17 22:10:45 postfix/smtpd[11975]: Anonymous TLS connection established from 111-222-333-444.static.tpgi.com.au[111.222.333.444]: TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits) Mar 17 22:10:47 postfix/smtpd[11975]: warning: 111-222-333-444.static.tpgi.com.au[111.222.333.444]: SASL PLAIN authentication failed: Mar 17 22:10:53 postfix/smtpd[11975]: warning: 111-222-333-444.static.tpgi.com.au[111.222.333.444]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 17 22:10:59 postfix/smtpd[11975]: warning: 111-222-333-444.static.tpgi.com.au[111.222.333.444]: SASL PLAIN authentication failed: UGFzc3dvcmQ6 Mar 17 22:11:05 postfix/smtpd[11975]: warning: 111-222-333-444.static.tpgi.com.au[111.222.333.444]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 17 22:11:59 postfix/smtpd[11975]: disconnect from 111-222-333-444.static.tpgi.com.au[111.222.333.444] ehlo=2 starttls=1 auth=0/4 quit=1 commands=4/8 Mar 17 22:14:37 postfix/smtpd[12089]: connect from 111-222-333-444.static.tpgi.com.au[111.222.333.444] Mar 17 22:14:38 postfix/smtpd[12089]: Anonymous TLS connection established from 111-222-333-444.static.tpgi.com.au[111.222.333.444]: TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits) Mar 17 22:14:42 postfix/smtpd[12089]: 5425745329A0: client=111-222-333-444.static.tpgi.com.au 111.222.333.444], sasl_method=PLAIN, sasl_username=m...@tld.com.au Mar 17 22:14:42 postfix/smtpd[12089]: disconnect from 111-222-333-444.static.tpgi.com.au[111.222.333.444] ehlo=2 starttls=1 auth=1 mail=1 rcpt=1 data=1 quit=1 commands=8 Mar 17 22:14:43 amavis[11177]: (11177-17) Passed CLEAN {RelayedOutbound}, ORIGINATING LOCAL [111.222.333.444]:54608 [111.222.333.444] -> , Queue-ID: 5425745329A0, Message-ID: <7252a376-030e-0a85-cede-d204206bf...@autopack.com>, mail_id: WUkk9VvorFcd, Hits: 0.076, size: , queued_as: BAE5645329A6, 1303 ms h, as I was munging the email address, I've noticed that: the sasl username is 'm...@tld.com.au' BUT on next line they have 'm...@tld.com' (both domains are valid, tld.com as well as tld.com.au) - could that be a problem ? how else to t/s this ? V