Re: OpenSMTPd authentication failed
Hi Tim, Thanks for the response. Placing the table name between <> solved the issue. After that smtpd indeed complained about the table not being found, which was solved by moving the table definitions before the listen statement. Greetings, Frank. — Apr 25 08:01:47 localhost smtpd[15911]: 1c75134ee470d49d smtp event=authentication user=test result=ok — > Op 24 apr. 2017, om 16:47 heeft Tim Kuijstenhet volgende > geschreven: > > On Mon, Apr 24, 2017 at 04:30:34PM +0200, Frank Timmers wrote: >> ... >> — smtpd.conf — >> pki mail.example.com certificate "/etc/opensmtpd/ssl.crt" >> pki mail.example.com key "/etc/opensmtpd/ssl.key" >> >> # Interface to listen on any address (needed for failover) >> listen on 0.0.0.0 secure auth smtp_users pki mail.example.com > > surround smtp_users with a < and > like: > listen on 0.0.0.0 secure auth pki mail.example.com > >> # Userlist >> table smtp_users file:/etc/opensmtpd/smtp_users > > and try defining the smtp_users table before your "listen on" line although I > would expect smtpd -n should have complained about that. > > -Tim > >> — smtp.conf — >> >> — smtp_users— >> test >> $6$F1n7ZnzRfkPbGLjV$qBw5kvTo0dnJOA5dR7OCiF94gGK5yLOxtH9D2T4/.AAVGgfyyjdunh.RaXS6O0VHPPKriWurP/WgESa/dpfij1 >> — smtpd_users— >> >> — /var/log/maillog— >> Apr 24 13:02:08 localhost smtpd[17028]: e3f09084856c63f5 smtp >> event=connected address=192.168.50.1 host=192.168.50.1 >> Apr 24 13:02:08 localhost smtpd[17028]: e3f09084856c63f5 smtp event=starttls >> ciphers="version=TLSv1.2, cipher=ECDHE-RSA-AES256-GCM-SHA384, bits=256" >> Apr 24 13:02:08 localhost smtpd[17028]: e3f09084856c63f5 smtp >> event=authentication user=test result=permfail >> Apr 24 13:02:09 localhost smtpd[17028]: smtp-in: Failed command on session >> e3f09084856c63f5: "AUTH PLAIN (...)" => 535 Authentication failed >> Apr 24 13:02:09 localhost smtpd[17028]: e3f09084856c63f5 smtp >> event=authentication user=test result=permfail >> Apr 24 13:02:10 localhost smtpd[17028]: smtp-in: Failed command on session >> e3f09084856c63f5: "AUTH PLAIN (...)" => 535 Authentication failed >> Apr 24 13:02:10 localhost smtpd[17028]: e3f09084856c63f5 smtp >> event=authentication user=test result=permfail >> Apr 24 13:02:11 localhost smtpd[17028]: smtp-in: Failed command on session >> e3f09084856c63f5: "AUTH LOGIN (password)" => 535 Authentication failed >> Apr 24 13:02:11 localhost smtpd[17028]: e3f09084856c63f5 smtp >> event=authentication user=test result=permfail >> Apr 24 13:02:11 localhost smtpd[17028]: smtp-in: Failed command on session >> e3f09084856c63f5: "AUTH LOGIN (password)" => 535 Authentication failed >> Apr 24 13:02:11 localhost smtpd[17028]: e3f09084856c63f5 smtp event=closed >> reason=quit >> — /var/log/maillog — >> >> — smtp -dv -T all — >> TABLE "smtp_users" type=HASH config="/etc/opensmtpd/tables/smtp_users" >> "test" -> >> "$6$F1n7ZnzRfkPbGLjV$qBw5kvTo0dnJOA5dR7OCiF94gGK5yLOxtH9D2T4/.AAVGgfyyjdunh.RaXS6O0VHPPKriWurP/WgESa/dpfij1" >> mproc: lka -> pony: enabled >> imsg: pony <- parent: IMSG_CONF_START (len=0) >> imsg: pony <- parent: IMSG_CONF_END (len=0) >> debug: smtp: listen on 127.0.0.1 port 10028 flags 0x400 pki "" ca "" >> debug: smtp: listen on 0.0.0.0 port 25 flags 0x449 pki “mail.example.com" ca >> "" >> debug: smtp: listen on 0.0.0.0 port 465 flags 0x44a pki “mail.example.com" >> ca "" >> debug: pony: rsae_init >> debug: pony: rsae_init >> debug: smtp: will accept at most 2043 clients >> imsg: ca <- parent: IMSG_CONF_START (len=0) >> imsg: ca <- parent: IMSG_CONF_END (len=0) >> debug: init private ssl-tree >> mproc: ca -> pony: enabled >> queue-backend: queue_envelope_walk() -> -1 () >> debug: queue: done loading queue into scheduler >> debug: smtpd: scanning offline queue... >> debug: smtpd: offline scanning done >> debug: smtp: new client on listener: 0x23ca250 >> smtp: 0x23bbf60: connected to listener 0x23ca250 [hostname=mail.example.com, >> port=25, tag=] >> mproc: pony -> lka: allocating 128 >> mproc: pony -> lka : 34 IMSG_SMTP_DNS_PTR >> mproc: pony -> control: allocating 128 >> mproc: pony -> control : 47 IMSG_STAT_INCREMENT >> mproc: pony -> control : 53 IMSG_STAT_INCREMENT >> imsg: lka <- pony: IMSG_SMTP_DNS_PTR (len=34) >> imsg: control <- pony: IMSG_STAT_INCREMENT (len=47) >> ramstat: increment: smtp.session >> ramstat: smtp.session (0x9fc641): 0 -> 1 >> imsg: control <- pony: IMSG_STAT_INCREMENT (len=53) >> ramstat: increment: smtp.session.inet4 >> ramstat: smtp.session.inet4 (0x9fc641): 0 -> 1 >> mproc: lka -> pony: allocating 128 >> mproc: lka -> pony : 28 IMSG_SMTP_DNS_PTR >> imsg: pony <- lka: IMSG_SMTP_DNS_PTR (len=28) >> smtp: 0x23bbf60: STATE_NEW -> STATE_CONNECTED >> 89080c4f60136a5e smtp event=connected address=192.168.50.1 host=192.168.50.1 >> filter: new query QUERY_CONNECT >> filter: filter_drain_query 89080c5060380f52[QUERY_CONNECT=192.168.50.221 <-> >>
OpenSMTPd authentication failed
Hi, I’m trying to get authentication to work with opensmtpd, however I get the message “authentication failed”. Below you can find the content of smtpd.conf, smtp_users and /var/log/messages. The password has been encrypted with the “smtpctl encrypt” command. Can the issue be that the smtp_user table is read as "type=HASH” and the lookup is done as “type=CREDENTIALS”? Greetings, Frank. — smtpd.conf — pki mail.example.com certificate "/etc/opensmtpd/ssl.crt" pki mail.example.com key "/etc/opensmtpd/ssl.key" # Interface to listen on any address (needed for failover) listen on 0.0.0.0 secure auth smtp_users pki mail.example.com # Userlist table smtp_users file:/etc/opensmtpd/smtp_users — smtp.conf — — smtp_users— test $6$F1n7ZnzRfkPbGLjV$qBw5kvTo0dnJOA5dR7OCiF94gGK5yLOxtH9D2T4/.AAVGgfyyjdunh.RaXS6O0VHPPKriWurP/WgESa/dpfij1 — smtpd_users— — /var/log/maillog— Apr 24 13:02:08 localhost smtpd[17028]: e3f09084856c63f5 smtp event=connected address=192.168.50.1 host=192.168.50.1 Apr 24 13:02:08 localhost smtpd[17028]: e3f09084856c63f5 smtp event=starttls ciphers="version=TLSv1.2, cipher=ECDHE-RSA-AES256-GCM-SHA384, bits=256" Apr 24 13:02:08 localhost smtpd[17028]: e3f09084856c63f5 smtp event=authentication user=test result=permfail Apr 24 13:02:09 localhost smtpd[17028]: smtp-in: Failed command on session e3f09084856c63f5: "AUTH PLAIN (...)" => 535 Authentication failed Apr 24 13:02:09 localhost smtpd[17028]: e3f09084856c63f5 smtp event=authentication user=test result=permfail Apr 24 13:02:10 localhost smtpd[17028]: smtp-in: Failed command on session e3f09084856c63f5: "AUTH PLAIN (...)" => 535 Authentication failed Apr 24 13:02:10 localhost smtpd[17028]: e3f09084856c63f5 smtp event=authentication user=test result=permfail Apr 24 13:02:11 localhost smtpd[17028]: smtp-in: Failed command on session e3f09084856c63f5: "AUTH LOGIN (password)" => 535 Authentication failed Apr 24 13:02:11 localhost smtpd[17028]: e3f09084856c63f5 smtp event=authentication user=test result=permfail Apr 24 13:02:11 localhost smtpd[17028]: smtp-in: Failed command on session e3f09084856c63f5: "AUTH LOGIN (password)" => 535 Authentication failed Apr 24 13:02:11 localhost smtpd[17028]: e3f09084856c63f5 smtp event=closed reason=quit — /var/log/maillog — — smtp -dv -T all — TABLE "smtp_users" type=HASH config="/etc/opensmtpd/tables/smtp_users" "test" -> "$6$F1n7ZnzRfkPbGLjV$qBw5kvTo0dnJOA5dR7OCiF94gGK5yLOxtH9D2T4/.AAVGgfyyjdunh.RaXS6O0VHPPKriWurP/WgESa/dpfij1" mproc: lka -> pony: enabled imsg: pony <- parent: IMSG_CONF_START (len=0) imsg: pony <- parent: IMSG_CONF_END (len=0) debug: smtp: listen on 127.0.0.1 port 10028 flags 0x400 pki "" ca "" debug: smtp: listen on 0.0.0.0 port 25 flags 0x449 pki “mail.example.com" ca "" debug: smtp: listen on 0.0.0.0 port 465 flags 0x44a pki “mail.example.com" ca "" debug: pony: rsae_init debug: pony: rsae_init debug: smtp: will accept at most 2043 clients imsg: ca <- parent: IMSG_CONF_START (len=0) imsg: ca <- parent: IMSG_CONF_END (len=0) debug: init private ssl-tree mproc: ca -> pony: enabled queue-backend: queue_envelope_walk() -> -1 () debug: queue: done loading queue into scheduler debug: smtpd: scanning offline queue... debug: smtpd: offline scanning done debug: smtp: new client on listener: 0x23ca250 smtp: 0x23bbf60: connected to listener 0x23ca250 [hostname=mail.example.com, port=25, tag=] mproc: pony -> lka: allocating 128 mproc: pony -> lka : 34 IMSG_SMTP_DNS_PTR mproc: pony -> control: allocating 128 mproc: pony -> control : 47 IMSG_STAT_INCREMENT mproc: pony -> control : 53 IMSG_STAT_INCREMENT imsg: lka <- pony: IMSG_SMTP_DNS_PTR (len=34) imsg: control <- pony: IMSG_STAT_INCREMENT (len=47) ramstat: increment: smtp.session ramstat: smtp.session (0x9fc641): 0 -> 1 imsg: control <- pony: IMSG_STAT_INCREMENT (len=53) ramstat: increment: smtp.session.inet4 ramstat: smtp.session.inet4 (0x9fc641): 0 -> 1 mproc: lka -> pony: allocating 128 mproc: lka -> pony : 28 IMSG_SMTP_DNS_PTR imsg: pony <- lka: IMSG_SMTP_DNS_PTR (len=28) smtp: 0x23bbf60: STATE_NEW -> STATE_CONNECTED 89080c4f60136a5e smtp event=connected address=192.168.50.1 host=192.168.50.1 filter: new query QUERY_CONNECT filter: filter_drain_query 89080c5060380f52[QUERY_CONNECT=192.168.50.221 <-> 192.168.50.1(192.168.50.1),filter_session@0x23bbba0[datalen=0,eom=(nil),ofile=(nil)]] filter: filter_end_query 89080c5060380f52[QUERY_CONNECT=192.168.50.221 <-> 192.168.50.1(192.168.50.1),filter_session@0x23bbba0[datalen=0,eom=(nil),ofile=(nil)]] filter: query 89080c5060380f52 done: status=FILTER_OK code=0 response="(null)" smtp: 0x23bbf60: >>> 220 mail.example.com ESMTP OpenSMTPD smtp: 0x23bbf60: IO_LOWAT smtp: 0x23bbf60: IO_DATAIN smtp: 0x23bbf60: <<< EHLO [192.168.50.1] filter: new query QUERY_HELO filter: filter_drain_query 89080c511256b740[QUERY_HELO=[192.168.50.1],filter_session@0x23bbba0[datalen=0,eom=(nil),ofile=(nil)]] filter: filter_end_query