Re: OpenSMTPd authentication failed

2017-04-25 Thread Frank Timmers 
Hi Tim,

Thanks for the response. Placing the table name between <> solved the issue. 
After that smtpd indeed complained about the table not being found, which was 
solved by moving the table definitions before the listen statement.

Greetings,
Frank.

—
Apr 25 08:01:47 localhost smtpd[15911]: 1c75134ee470d49d smtp 
event=authentication user=test result=ok
—

> Op 24 apr. 2017, om 16:47 heeft Tim Kuijsten  het volgende 
> geschreven:
> 
> On Mon, Apr 24, 2017 at 04:30:34PM +0200, Frank Timmers wrote:
>> ...
>> — smtpd.conf —
>> pki mail.example.com certificate "/etc/opensmtpd/ssl.crt"
>> pki mail.example.com key "/etc/opensmtpd/ssl.key"
>> 
>> # Interface to listen on any address (needed for failover)
>> listen on 0.0.0.0 secure auth smtp_users pki mail.example.com
> 
> surround smtp_users with a < and > like:
> listen on 0.0.0.0 secure auth  pki mail.example.com
> 
>> # Userlist
>> table smtp_users file:/etc/opensmtpd/smtp_users
> 
> and try defining the smtp_users table before your "listen on" line although I 
> would expect smtpd -n should have complained about that.
> 
> -Tim
> 
>> — smtp.conf —
>> 
>> — smtp_users—
>> test 
>> $6$F1n7ZnzRfkPbGLjV$qBw5kvTo0dnJOA5dR7OCiF94gGK5yLOxtH9D2T4/.AAVGgfyyjdunh.RaXS6O0VHPPKriWurP/WgESa/dpfij1
>> — smtpd_users—
>> 
>> — /var/log/maillog—
>> Apr 24 13:02:08 localhost smtpd[17028]: e3f09084856c63f5 smtp 
>> event=connected address=192.168.50.1 host=192.168.50.1
>> Apr 24 13:02:08 localhost smtpd[17028]: e3f09084856c63f5 smtp event=starttls 
>> ciphers="version=TLSv1.2, cipher=ECDHE-RSA-AES256-GCM-SHA384, bits=256"
>> Apr 24 13:02:08 localhost smtpd[17028]: e3f09084856c63f5 smtp 
>> event=authentication user=test result=permfail
>> Apr 24 13:02:09 localhost smtpd[17028]: smtp-in: Failed command on session 
>> e3f09084856c63f5: "AUTH PLAIN (...)" => 535 Authentication failed
>> Apr 24 13:02:09 localhost smtpd[17028]: e3f09084856c63f5 smtp 
>> event=authentication user=test result=permfail
>> Apr 24 13:02:10 localhost smtpd[17028]: smtp-in: Failed command on session 
>> e3f09084856c63f5: "AUTH PLAIN (...)" => 535 Authentication failed
>> Apr 24 13:02:10 localhost smtpd[17028]: e3f09084856c63f5 smtp 
>> event=authentication user=test result=permfail
>> Apr 24 13:02:11 localhost smtpd[17028]: smtp-in: Failed command on session 
>> e3f09084856c63f5: "AUTH LOGIN (password)" => 535 Authentication failed
>> Apr 24 13:02:11 localhost smtpd[17028]: e3f09084856c63f5 smtp 
>> event=authentication user=test result=permfail
>> Apr 24 13:02:11 localhost smtpd[17028]: smtp-in: Failed command on session 
>> e3f09084856c63f5: "AUTH LOGIN (password)" => 535 Authentication failed
>> Apr 24 13:02:11 localhost smtpd[17028]: e3f09084856c63f5 smtp event=closed 
>> reason=quit
>> — /var/log/maillog —
>> 
>> — smtp -dv -T all —
>> TABLE "smtp_users" type=HASH config="/etc/opensmtpd/tables/smtp_users"
>>  "test" -> 
>> "$6$F1n7ZnzRfkPbGLjV$qBw5kvTo0dnJOA5dR7OCiF94gGK5yLOxtH9D2T4/.AAVGgfyyjdunh.RaXS6O0VHPPKriWurP/WgESa/dpfij1"
>> mproc: lka -> pony: enabled
>> imsg: pony <- parent: IMSG_CONF_START (len=0)
>> imsg: pony <- parent: IMSG_CONF_END (len=0)
>> debug: smtp: listen on 127.0.0.1 port 10028 flags 0x400 pki "" ca ""
>> debug: smtp: listen on 0.0.0.0 port 25 flags 0x449 pki “mail.example.com" ca 
>> ""
>> debug: smtp: listen on 0.0.0.0 port 465 flags 0x44a pki “mail.example.com" 
>> ca ""
>> debug: pony: rsae_init
>> debug: pony: rsae_init
>> debug: smtp: will accept at most 2043 clients
>> imsg: ca <- parent: IMSG_CONF_START (len=0)
>> imsg: ca <- parent: IMSG_CONF_END (len=0)
>> debug: init private ssl-tree
>> mproc: ca -> pony: enabled
>> queue-backend: queue_envelope_walk() -> -1 ()
>> debug: queue: done loading queue into scheduler
>> debug: smtpd: scanning offline queue...
>> debug: smtpd: offline scanning done
>> debug: smtp: new client on listener: 0x23ca250
>> smtp: 0x23bbf60: connected to listener 0x23ca250 [hostname=mail.example.com, 
>> port=25, tag=]
>> mproc: pony -> lka: allocating 128
>> mproc: pony -> lka : 34 IMSG_SMTP_DNS_PTR
>> mproc: pony -> control: allocating 128
>> mproc: pony -> control : 47 IMSG_STAT_INCREMENT
>> mproc: pony -> control : 53 IMSG_STAT_INCREMENT
>> imsg: lka <- pony: IMSG_SMTP_DNS_PTR (len=34)
>> imsg: control <- pony: IMSG_STAT_INCREMENT (len=47)
>> ramstat: increment: smtp.session
>> ramstat: smtp.session (0x9fc641): 0 -> 1
>> imsg: control <- pony: IMSG_STAT_INCREMENT (len=53)
>> ramstat: increment: smtp.session.inet4
>> ramstat: smtp.session.inet4 (0x9fc641): 0 -> 1
>> mproc: lka -> pony: allocating 128
>> mproc: lka -> pony : 28 IMSG_SMTP_DNS_PTR
>> imsg: pony <- lka: IMSG_SMTP_DNS_PTR (len=28)
>> smtp: 0x23bbf60: STATE_NEW -> STATE_CONNECTED
>> 89080c4f60136a5e smtp event=connected address=192.168.50.1 host=192.168.50.1
>> filter: new query QUERY_CONNECT
>> filter: filter_drain_query 89080c5060380f52[QUERY_CONNECT=192.168.50.221 <-> 
>>

OpenSMTPd authentication failed

2017-04-24 Thread Frank Timmers 
Hi,

I’m trying to get authentication to work with opensmtpd, however I get the 
message “authentication failed”. Below you can find the content of smtpd.conf, 
smtp_users and /var/log/messages. The password has been encrypted with the 
“smtpctl encrypt” command.

Can the issue be that the smtp_user table is read as "type=HASH” and the lookup 
is done as “type=CREDENTIALS”?

Greetings,
Frank.

— smtpd.conf —
pki mail.example.com certificate "/etc/opensmtpd/ssl.crt"
pki mail.example.com key "/etc/opensmtpd/ssl.key"

# Interface to listen on any address (needed for failover)
listen on 0.0.0.0 secure auth smtp_users pki mail.example.com

# Userlist
table smtp_users file:/etc/opensmtpd/smtp_users
— smtp.conf —

— smtp_users—
test
$6$F1n7ZnzRfkPbGLjV$qBw5kvTo0dnJOA5dR7OCiF94gGK5yLOxtH9D2T4/.AAVGgfyyjdunh.RaXS6O0VHPPKriWurP/WgESa/dpfij1
— smtpd_users—

— /var/log/maillog—
Apr 24 13:02:08 localhost smtpd[17028]: e3f09084856c63f5 smtp event=connected 
address=192.168.50.1 host=192.168.50.1
Apr 24 13:02:08 localhost smtpd[17028]: e3f09084856c63f5 smtp event=starttls 
ciphers="version=TLSv1.2, cipher=ECDHE-RSA-AES256-GCM-SHA384, bits=256"
Apr 24 13:02:08 localhost smtpd[17028]: e3f09084856c63f5 smtp 
event=authentication user=test result=permfail
Apr 24 13:02:09 localhost smtpd[17028]: smtp-in: Failed command on session 
e3f09084856c63f5: "AUTH PLAIN (...)" => 535 Authentication failed
Apr 24 13:02:09 localhost smtpd[17028]: e3f09084856c63f5 smtp 
event=authentication user=test result=permfail
Apr 24 13:02:10 localhost smtpd[17028]: smtp-in: Failed command on session 
e3f09084856c63f5: "AUTH PLAIN (...)" => 535 Authentication failed
Apr 24 13:02:10 localhost smtpd[17028]: e3f09084856c63f5 smtp 
event=authentication user=test result=permfail
Apr 24 13:02:11 localhost smtpd[17028]: smtp-in: Failed command on session 
e3f09084856c63f5: "AUTH LOGIN (password)" => 535 Authentication failed
Apr 24 13:02:11 localhost smtpd[17028]: e3f09084856c63f5 smtp 
event=authentication user=test result=permfail
Apr 24 13:02:11 localhost smtpd[17028]: smtp-in: Failed command on session 
e3f09084856c63f5: "AUTH LOGIN (password)" => 535 Authentication failed
Apr 24 13:02:11 localhost smtpd[17028]: e3f09084856c63f5 smtp event=closed 
reason=quit
— /var/log/maillog —

— smtp -dv -T all —
TABLE "smtp_users" type=HASH config="/etc/opensmtpd/tables/smtp_users"
"test" -> 
"$6$F1n7ZnzRfkPbGLjV$qBw5kvTo0dnJOA5dR7OCiF94gGK5yLOxtH9D2T4/.AAVGgfyyjdunh.RaXS6O0VHPPKriWurP/WgESa/dpfij1"
mproc: lka -> pony: enabled
imsg: pony <- parent: IMSG_CONF_START (len=0)
imsg: pony <- parent: IMSG_CONF_END (len=0)
debug: smtp: listen on 127.0.0.1 port 10028 flags 0x400 pki "" ca ""
debug: smtp: listen on 0.0.0.0 port 25 flags 0x449 pki “mail.example.com" ca ""
debug: smtp: listen on 0.0.0.0 port 465 flags 0x44a pki “mail.example.com" ca ""
debug: pony: rsae_init
debug: pony: rsae_init
debug: smtp: will accept at most 2043 clients
imsg: ca <- parent: IMSG_CONF_START (len=0)
imsg: ca <- parent: IMSG_CONF_END (len=0)
debug: init private ssl-tree
mproc: ca -> pony: enabled
queue-backend: queue_envelope_walk() -> -1 ()
debug: queue: done loading queue into scheduler
debug: smtpd: scanning offline queue...
debug: smtpd: offline scanning done
debug: smtp: new client on listener: 0x23ca250
smtp: 0x23bbf60: connected to listener 0x23ca250 [hostname=mail.example.com, 
port=25, tag=]
mproc: pony -> lka: allocating 128
mproc: pony -> lka : 34 IMSG_SMTP_DNS_PTR
mproc: pony -> control: allocating 128
mproc: pony -> control : 47 IMSG_STAT_INCREMENT
mproc: pony -> control : 53 IMSG_STAT_INCREMENT
imsg: lka <- pony: IMSG_SMTP_DNS_PTR (len=34)
imsg: control <- pony: IMSG_STAT_INCREMENT (len=47)
ramstat: increment: smtp.session
ramstat: smtp.session (0x9fc641): 0 -> 1
imsg: control <- pony: IMSG_STAT_INCREMENT (len=53)
ramstat: increment: smtp.session.inet4
ramstat: smtp.session.inet4 (0x9fc641): 0 -> 1
mproc: lka -> pony: allocating 128
mproc: lka -> pony : 28 IMSG_SMTP_DNS_PTR
imsg: pony <- lka: IMSG_SMTP_DNS_PTR (len=28)
smtp: 0x23bbf60: STATE_NEW -> STATE_CONNECTED
89080c4f60136a5e smtp event=connected address=192.168.50.1 host=192.168.50.1
filter: new query QUERY_CONNECT
filter: filter_drain_query 89080c5060380f52[QUERY_CONNECT=192.168.50.221 <-> 
192.168.50.1(192.168.50.1),filter_session@0x23bbba0[datalen=0,eom=(nil),ofile=(nil)]]
filter: filter_end_query 89080c5060380f52[QUERY_CONNECT=192.168.50.221 <-> 
192.168.50.1(192.168.50.1),filter_session@0x23bbba0[datalen=0,eom=(nil),ofile=(nil)]]
filter: query 89080c5060380f52 done: status=FILTER_OK code=0 response="(null)"
smtp: 0x23bbf60: >>> 220 mail.example.com ESMTP OpenSMTPD
smtp: 0x23bbf60: IO_LOWAT 
smtp: 0x23bbf60: IO_DATAIN 
smtp: 0x23bbf60: <<< EHLO [192.168.50.1]
filter: new query QUERY_HELO
filter: filter_drain_query 
89080c511256b740[QUERY_HELO=[192.168.50.1],filter_session@0x23bbba0[datalen=0,eom=(nil),ofile=(nil)]]
filter: filter_end_query