Re: Postfix and Myvzw.com POP3 email
Good evening fellow Postfix-ers: Here is the end result as I have fixed my problem with my authorization issue and Myvzw.com. First of all, postconf -a indicated that my current install (CND solaris package) did not support Cyrus or Dovecot. This led me to do the following: 1. Downloaded from Sunfreeware.com the SASL 2.1.21 Solaris-sparc package (Please note that there's a symbolic link that is recommended on the Sunfreeware page. Depending on your library location, you need to make this link.) 2. Installed SASL using the pkgadd command 3. Configured SASL using the manual SMTP AUTH Using Cyrus and Postfix By Saul Cisneros. 4. Downloaded the latest version (2.7.2) of postfix. In compiling v2.7.2, it is extremely important to pass the correct arguments to your compiler. I used the following commands for Solaris 10: # make makefiles CCARGS=-DUSE_SASL_AUTH -DUSE_CYRUS_SASL-I/usr/include/sasl -I/usr/local/include/sasl -I/usr/local/lib/sasl2 AUXLIBS=-L/usr/local/lib -lsasl2 # make # make install After starting the new postfix up for the first time, I was seeing the following errors when first sending mail from my phone to my postfix server: Dec 29 20:16:59 server-new postfix/smtpd[1560]: [ID 197553 mail.info] connect from 49.sub-174-252-167.myvzw.com[174.252.167.49] Dec 29 20:16:59 server-new postfix/smtpd[1560]: [ID 947731 mail.warning] warning: SASL authentication failure: no secret in database Dec 29 20:16:59 server-new postfix/smtpd[1560]: [ID 947731 mail.warning] warning: 49.sub-174-252-167.myvzw.com[174.252.167.49]: SASL CRAM-MD5 authentication failed: authentication failure Dec 29 20:17:00 server-new postfix/smtpd[1560]: [ID 197553 mail.info] lost connection after AUTH from 49.sub-174-252-167.myvzw.com[174.252.167.49] Dec 29 20:17:00 server-new postfix/smtpd[1560]: [ID 197553 mail.info] disconnect from 49.sub-174-252-167.myvzw.com[174.252.167.49] In order to fix these errors, I had to do the following. 5. Created a SASL authentication db with the following command: # /usr/local/sbin/saslpasswd2 -f /etc/sasldb2 -u domain.com user (this step is not listed in the above manual) 6. Very Important!!! Created the smtpd.conf file in /usr/lib/sasl2. Contents of the conf file are as follows: pwcheck_method: saslauthd saslauthd_version: 2 mech_list: PLAIN LOGIN saslauthd_path: /var/run/saslauthd/mux/mux It should be noted that each time I made changes during trouble-shooting, I restarted postfix. Several times there were missing libraries that it complained about that I had to link or copy over. Also, I had to create a rc script for starting the sasl daemon. I apologize for the lack of technical detail. If anyone has specific questions on how I got this to work please email me at m...@lancertech.com and I will do my best to answer. Respectfully; Mark K. --
Re: Postfix and Myvzw.com POP3 email
On Thu, Dec 30, 2010 at 06:22:16AM -0500, Mark Khan wrote: 4. Downloaded the latest version (2.7.2) of postfix. In compiling v2.7.2, it is extremely important to pass the correct arguments to your compiler. I used the following commands for Solaris 10: # make makefiles CCARGS=-DUSE_SASL_AUTH -DUSE_CYRUS_SASL-I/usr/include/sasl -I/usr/local/include/sasl -I/usr/local/lib/sasl2 AUXLIBS=-L/usr/local/lib -lsasl2 For a submission service, it is best-practice to also support TLS. If I recall correctly, from the ldd output you posted previously, your original Postfix binaries had support for TLS (and also LDAP, ... but you likely don't need that). -- Viktor.
Re: Postfix and Myvzw.com POP3 email
Hi Victor: Thank you again for your response. I used the following package to install postfix: CNDpostfix-2.7.1,REV=100609-SunOS5.10-sparc.pkg. If you could please review the information below ,I am hoping that you or someone else in the postfix world can provide some direction on how to enable AUTH based on what I have so far. Please let me know if you need anymore information and I will be more than happy to provide it. According to documentation I should be able to tell what AUTH support is enabled by telneting to the systems mail port (25) and issuing an EHLO command which should list the supported options including AUTH. Here is my output: telnet www.lancertech.com 25 Trying 73.79.104.11... Connected to www.lancertech.com. Escape character is '^]'. 220 mail.lancertech.com ESMTP Postfix ehlo lancertech.com 250-mail.lancertech.com 250-PIPELINING 250-SIZE 4048 250-ETRN 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN As you can see AUTH does not seem to be listed. I am not sure if this is because my main.cf file is not correctly configured or AUTH was not complied into this package. So I decided to look at the smtpd executable to see what AUTH was compiled into it by using the following strings command: rambo-new# strings /usr/libexec/postfix/smtpd | grep -i auth 550 5.7.0 Error: insufficient authorization 550 5.7.0 Error: insufficient authorization smtpd_sasl_auth_enable smtpd_sasl_authenticated_header broken_sasl_auth_clients smtpd_tls_auth_only permit_mynetworks, reject_unauth_destination smtpd_authorized_verp_clients $authorized_verp_clients smtpd_authorized_xclient_hosts smtpd_authorized_xforward_hosts i {auth_type} {auth_authen} {auth_author} {mail_addr} {mail_host} {mail_mailer} reject_unauth_destination reject_authenticated_sender_login_mismatch reject_unauthenticated_sender_login_mismatch permit_auth_destination reject_unauth_destination reject_unauth_pipelining all_auth_mx_addr reject_unauth_pipelining reject_authenticated_sender_login_mismatch reject_unauthenticated_sender_login_mismatch permit_auth_destination reject_unauth_destination permit_sasl_authenticated permit_sasl_authenticated cannot load Certificate Authority data: disabling TLS support AUTH MAIL_CONFIG MAIL_DEBUG MAIL_LOGTAG TZ XAUTHORITY DISPLAY LANG=C debug_peer_list,fast_flush_domains,mynetworks,permit_mx_backup_networks,qmqp d_authorized_clients,relay_domains,smtpd_access_maps send_cyrus_sasl_authzid no_unauth auth smtpd_sasl_auth_enable reject_unauth_destination rambo-new# I know probably not much help from above because I don't know what I am looking for to validate that AUTH is configured properly. Finally, I decided to see what LDD showed. Again there aren't a lot of examples of what these commands should look like if AUTH is installed correctly: libssl.so.0.9.7 = /usr/sfw/lib/libssl.so.0.9.7 libcrypto.so.0.9.7 =/usr/sfw/lib/libcrypto.so.0.9.7 libldap.so.5 = /usr/lib/libldap.so.5 libresolv.so.2 =/lib/libresolv.so.2 libsocket.so.1 =/lib/libsocket.so.1 libnsl.so.1 = /lib/libnsl.so.1 libc.so.1 = /lib/libc.so.1 libsasl.so.1 = /usr/lib/libsasl.so.1 libmd.so.1 =/lib/libmd.so.1 libnspr4.so = /usr/lib/mps/libnspr4.so libplc4.so =/usr/lib/mps/libplc4.so libnss3.so =/usr/lib/mps/libnss3.so libssl3.so =/usr/lib/mps/libssl3.so libmp.so.2 =/lib/libmp.so.2 libscf.so.1 = /lib/libscf.so.1 libpthread.so.1 = /lib/libpthread.so.1 librt.so.1 =/lib/librt.so.1 libdl.so.1 =/lib/libdl.so.1 libnssutil3.so =/usr/lib/mps/libnssutil3.so libplds4.so = /usr/lib/mps/libplds4.so libthread.so.1 =/lib/libthread.so.1 libdoor.so.1 = /lib/libdoor.so.1 libuutil.so.1 = /lib/libuutil.so.1 libgen.so.1 = /lib/libgen.so.1 libaio.so.1 = /lib/libaio.so.1 libssl_extra.so.0.9.7 = /usr/sfw/lib/libssl_extra.so.0.9.7 libcrypto_extra.so.0.9.7 = /usr/sfw/lib/libcrypto_extra.so.0.9.7 libm.so.2 = /lib/libm.so.2 /platform/SUNW,Sun-Blade-100/lib/libc_psr.so.1 /platform/SUNW,Sun-Blade-100/lib/libmd_psr.so.1 /usr/lib/mps/cpu/sparcv8plus/libnspr_flt4.so : On 12/27/10 5:45 PM, Victor Duchovni victor.ducho...@morganstanley.com wrote: On Mon, Dec 27, 2010 at 05:29:18PM -0500, Mark Khan wrote: My postfix server works with all other POP3 email providers (AOL, Meaasgelabs, etc) except Verizon?s myvzw.com which of course is what my new droid X uses. POP3 is configured with just login and password. No TLS. What does POP3 have to do with Postfix? Postfix is NOT a POP server. Here is the the mynetworks configuration line entries from main.cf: # Added verizon wireless IP 174.252.0.0 to MYNETWORKS mynetworks = 174.252.134.106 106.134.252.174.in-addr.arpa. 7157 IN PTR
Re: Postfix and Myvzw.com POP3 email
Le 28/12/2010 13:34, Mark Khan a écrit : Hi Victor: Thank you again for your response. I used the following package to install postfix: CNDpostfix-2.7.1,REV=100609-SunOS5.10-sparc.pkg. If you could please review the information below ,I am hoping that you or someone else in the postfix world can provide some direction on how to enable AUTH based on what I have so far. Please let me know if you need anymore information and I will be more than happy to provide it. According to documentation I should be able to tell what AUTH support is enabled by telneting to the systems mail port (25) and issuing an EHLO command which should list the supported options including AUTH. Here is my output: telnet www.lancertech.com 25 Trying 73.79.104.11... Connected to www.lancertech.com. Escape character is '^]'. 220 mail.lancertech.com ESMTP Postfix ehlo lancertech.com 250-mail.lancertech.com 250-PIPELINING 250-SIZE 4048 250-ETRN 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN As you can see AUTH does not seem to be listed. I am not sure if this is because my main.cf file is not correctly configured or AUTH was not complied into this package. So I decided to look at the smtpd executable to see what AUTH was compiled into it by using the following strings command: your postfix has support for AUTH. If you also have dovecot, then it's easier to use dovecot-auth. otherwise, use cyrus sasl. The documentation is at http://www.postfix.org/SASL_README.html [snip]
Re: Postfix and Myvzw.com POP3 email
On 12/28/10 2:41 PM, mouss wrote: your postfix has support for AUTH. If you also have dovecot, then it's easier to use dovecot-auth. otherwise, use cyrus sasl. If he doesn't have dovecot, it is still easier than cyrus :) -- J.
Re: Postfix and Myvzw.com POP3 email
On Tue, 28 Dec 2010 14:45:16 +0100 Jeroen Geilman jer...@adaptr.nl articulated: On 12/28/10 2:41 PM, mouss wrote: your postfix has support for AUTH. If you also have dovecot, then it's easier to use dovecot-auth. otherwise, use cyrus sasl. If he doesn't have dovecot, it is still easier than cyrus :) I have never had a problem with cyrus-sasl configuration and usage. I am presently using cyrus-sasl with mysql and it works flawlessly. I have had problems in the past with Dovecot and authentication when Dovecot was updated. I honestly don't remember the last time that I had to update cyrus though. In any case, I prefer to keep things isolated in a situation like this. It makes debugging easier, or at least for me it does. As a side note, there appears to be a problem on FreeBSD with the recent update of MySQL-5.5.8 and Postfix/Dovecot. I cannot confirm this since I have not updated to that version of MySQL as of yet myself. -- Jerry ✌ postfix-u...@seibercom.net _ TO REPORT A PROBLEM see http://www.postfix.org/DEBUG_README.html#mail TO (UN)SUBSCRIBE see http://www.postfix.org/lists.html
Re: Postfix and Myvzw.com POP3 email
Le 28/12/2010 15:25, Jerry a écrit : On Tue, 28 Dec 2010 14:45:16 +0100 Jeroen Geilman jer...@adaptr.nl articulated: On 12/28/10 2:41 PM, mouss wrote: your postfix has support for AUTH. If you also have dovecot, then it's easier to use dovecot-auth. otherwise, use cyrus sasl. If he doesn't have dovecot, it is still easier than cyrus :) I have never had a problem with cyrus-sasl configuration and usage. I am presently using cyrus-sasl with mysql and it works flawlessly. I have had problems in the past with Dovecot and authentication when Dovecot was updated. I honestly don't remember the last time that I had to update cyrus though. In any case, I prefer to keep things isolated in a situation like this. It makes debugging easier, or at least for me it does. on the other side, with cyrus-sasl, you are linking complex code with postfix. with dovecot, only a small portion to implemented dovecot-auth protocol is included. so from a security and isolation viewpoint, dovecot-auth seems better to me. (my experience with cyrus sasl dates back to a long time. at the time, debugging was a nightmare. the location of smtpd.conf was hardcoded, and it was to be put with cyrus libraries, which was ugly. some distros used to change this but that made finding it a first barrier to getting things working. things have changed since then though). As a side note, there appears to be a problem on FreeBSD with the recent update of MySQL-5.5.8 and Postfix/Dovecot. I cannot confirm this since I have not updated to that version of MySQL as of yet myself. nor did I, so I can't tell. I hope to upgrade to postgres instead;-p
Re: Postfix and Myvzw.com POP3 email
On Tue, Dec 28, 2010 at 06:51:23PM +0100, mouss wrote: I have never had a problem with cyrus-sasl configuration and usage. I am presently using cyrus-sasl with mysql and it works flawlessly. I have had problems in the past with Dovecot and authentication when Dovecot was updated. I honestly don't remember the last time that I had to update cyrus though. In any case, I prefer to keep things isolated in a situation like this. It makes debugging easier, or at least for me it does. on the other side, with cyrus-sasl, you are linking complex code with postfix. with dovecot, only a small portion to implemented dovecot-auth protocol is included. Let's not hijack the user's thread into a discussion of Cyrus SASL or Dovecot SASL pros and cons. The OP, if he still needs help needs to be more explicit about the client configuration and capabilities, and needs to read http://www.postfix.org/SASL_README.html to learn more about SASL support in the Postfix SMTP server. -- Viktor.
Postfix and Myvzw.com POP3 email
Good Evening: Ok I have struggled and I have no idea what to do next so I would greatly appreciate any and all help. My postfix server works with all other POP3 email providers (AOL, Meaasgelabs, etc) except Verizon¹s myvzw.com which of course is what my new droid X uses. POP3 is configured with just login and password. No TLS. Here is the the mynetworks configuration line entries from main.cf: # Added verizon wireless IP 174.252.0.0 to MYNETWORKS mynetworks = 174.252.134.106 And here are the errors Dec 26 22:54:51 rambo-new postfix/smtpd[1278]: [ID 197553 mail.info] connect from 106.sub-174-252-134.myvzw.com[174.252.134.106] Dec 26 22:54:51 rambo-new postfix/smtpd[1278]: [ID 197553 mail.info] lost connection after UNKNOWN from 106.sub-174-252-134.myvzw.com[174.252.134.106] Dec 26 22:54:51 rambo-new postfix/smtpd[1278]: [ID 197553 mail.info] disconnect from 106.sub-174-252-134.myvzw.com[174.252.134.106] Dec 26 22:54:51 rambo-new postfix/smtpd[1278]: [ID 197553 mail.info] connect from 106.sub-174-252-134.myvzw.com[174.252.134.106] Dec 26 22:54:52 rambo-new postfix/smtpd[1278]: [ID 197553 mail.info] lost connection after UNKNOWN from 106.sub-174-252-134.myvzw.com[174.252.134.106] Dec 26 22:54:52 rambo-new postfix/smtpd[1278]: [ID 197553 mail.info] disconnect from 106.sub-174-252-134.myvzw.com[174.252.134.106] Dec 26 22:54:52 rambo-new postfix/smtpd[1278]: [ID 197553 mail.info] connect from 106.sub-174-252-134.myvzw.com[174.252.134.106] Dec 26 22:54:52 rambo-new postfix/smtpd[1278]: [ID 197553 mail.info] lost connection after UNKNOWN from 106.sub-174-252-134.myvzw.com[174.252.134.106] Dec 26 22:54:52 rambo-new postfix/smtpd[1278]: [ID 197553 mail.info] disconnect from 106.sub-174-252-134.myvzw.com[174.252.134.106] DNS Testing: rambo-new# nslookup myvzw.com Server: 128.29.127.128 Address:128.29.127.128#53 Non-authoritative answer: Name: myvzw.com Address: 207.68.174.238 rambo-new# nslookup 106.sub-174-252-134.myvzw.com Server: 128.29.127.128 Address:128.29.127.128#53 Non-authoritative answer: Name: 106.sub-174-252-134.myvzw.com Address: 174.252.134.106 Again any and all help will be greatly appreciated. Respectfully; Mark K. Respectfully; Mark Khan Joint Communications Support Element Information Assurance Officer 813-828-5747 --
Re: Postfix and Myvzw.com POP3 email
On 12/27/2010 4:29 PM, Mark Khan wrote: Good Evening: Ok I have struggled and I have no idea what to do next so I would greatly appreciate any and all help. My postfix server works with all other POP3 email providers (AOL, Meaasgelabs, etc) except Verizon’s myvzw.com which of course is what my new droid X uses. POP3 is configured with just login and password. No TLS. Postfix isn't a POP3 server.
Re: Postfix and Myvzw.com POP3 email
On Mon, Dec 27, 2010 at 05:29:18PM -0500, Mark Khan wrote: My postfix server works with all other POP3 email providers (AOL, Meaasgelabs, etc) except Verizon?s myvzw.com which of course is what my new droid X uses. POP3 is configured with just login and password. No TLS. What does POP3 have to do with Postfix? Postfix is NOT a POP server. Here is the the mynetworks configuration line entries from main.cf: # Added verizon wireless IP 174.252.0.0 to MYNETWORKS mynetworks = 174.252.134.106 106.134.252.174.in-addr.arpa. 7157 IN PTR 106.sub-174-252-134.myvzw.com. What is this host and Why should it host be in mynetworks? Is this a static IP assignment for a Verizon SMTP relay or an individual phone that you want to configure to submit via your server (in either case POP3 is a red-herring). And here are the errors Dec 26 22:54:51 rambo-new postfix/smtpd[1278]: [ID 197553 mail.info] connect from 106.sub-174-252-134.myvzw.com[174.252.134.106] Dec 26 22:54:51 rambo-new postfix/smtpd[1278]: [ID 197553 mail.info] lost connection after UNKNOWN from 106.sub-174-252-134.myvzw.com[174.252.134.106] The SMTP client sent an unsupported SMTP command to Postfix and hung up after Postfix sent: 502 5.5.2 Error: command not recognized -- Viktor.
Re: Postfix and Myvzw.com POP3 email
Hi Victor: Here is a snoop snippet of a failed email. I am hoping you can you tell me how to configure postfix to ignore AUTH requests? 105.sub-174-252-160.myvzw.com - rambo-newSMTP C port=50726 rambo-new - 105.sub-174-252-160.myvzw.com SMTP R port=50726 105.sub-174-252-160.myvzw.com - rambo-newSMTP C port=50726 rambo-new - 105.sub-174-252-160.myvzw.com SMTP R port=50726 220 mail.lancertech. 105.sub-174-252-160.myvzw.com - rambo-newSMTP C port=50726 105.sub-174-252-160.myvzw.com - rambo-newSMTP C port=50726 EHLO mail.lancertech rambo-new - 105.sub-174-252-160.myvzw.com SMTP R port=50726 rambo-new - 105.sub-174-252-160.myvzw.com SMTP R port=50726 250-mail.lancertech. 105.sub-174-252-160.myvzw.com - rambo-newSMTP C port=50726 AUTH CRAM-MD5\r\n rambo-new - 105.sub-174-252-160.myvzw.com SMTP R port=50726 rambo-new - 105.sub-174-252-160.myvzw.com SMTP R port=50726 502 5.5.2 Error: com 105.sub-174-252-160.myvzw.com - rambo-newSMTP C port=50726 rambo-new - 105.sub-174-252-160.myvzw.com SMTP R port=50726 rambo-new - 105.sub-174-252-160.myvzw.com SMTP R port=50726 105.sub-174-252-160.myvzw.com - rambo-newSMTP C port=50728 rambo-new - 105.sub-174-252-160.myvzw.com SMTP R port=50728 105.sub-174-252-160.myvzw.com - rambo-newSMTP C port=50726 105.sub-174-252-160.myvzw.com - rambo-newSMTP C port=50728 rambo-new - 105.sub-174-252-160.myvzw.com SMTP R port=50728 220 mail.lancertech. 105.sub-174-252-160.myvzw.com - rambo-newSMTP C port=50728 105.sub-174-252-160.myvzw.com - rambo-newSMTP C port=50728 EHLO mail.lancertech rambo-new - 105.sub-174-252-160.myvzw.com SMTP R port=50728 rambo-new - 105.sub-174-252-160.myvzw.com SMTP R port=50728 250-mail.lancertech. 105.sub-174-252-160.myvzw.com - rambo-newSMTP C port=50728 AUTH PLAIN AG1hawAxN rambo-new - 105.sub-174-252-160.myvzw.com SMTP R port=50728 rambo-new - 105.sub-174-252-160.myvzw.com SMTP R port=50728 502 5.5.2 Error: com 105.sub-174-252-160.myvzw.com - rambo-newSMTP C port=50728 rambo-new - 105.sub-174-252-160.myvzw.com SMTP R port=50728 rambo-new - 105.sub-174-252-160.myvzw.com SMTP R port=50728 105.sub-174-252-160.myvzw.com - rambo-newSMTP C port=50740 rambo-new - 105.sub-174-252-160.myvzw.com SMTP R port=50740 105.sub-174-252-160.myvzw.com - rambo-newSMTP C port=50728 105.sub-174-252-160.myvzw.com - rambo-newSMTP C port=50740 rambo-new - 105.sub-174-252-160.myvzw.com SMTP R port=50740 220 mail.lancertech. 105.sub-174-252-160.myvzw.com - rambo-newSMTP C port=50740 105.sub-174-252-160.myvzw.com - rambo-newSMTP C port=50740 EHLO mail.lancertech rambo-new - 105.sub-174-252-160.myvzw.com SMTP R port=50740 rambo-new - 105.sub-174-252-160.myvzw.com SMTP R port=50740 250-mail.lancertech. 105.sub-174-252-160.myvzw.com - rambo-newSMTP C port=50740 AUTH LOGIN\r\n rambo-new - 105.sub-174-252-160.myvzw.com SMTP R port=50740 rambo-new - 105.sub-174-252-160.myvzw.com SMTP R port=50740 502 5.5.2 Error: com 105.sub-174-252-160.myvzw.com - rambo-newSMTP C port=50740 rambo-new - 105.sub-174-252-160.myvzw.com SMTP R port=50740 rambo-new - 105.sub-174-252-160.myvzw.com SMTP R port=50740 105.sub-174-252-160.myvzw.com - rambo-newSMTP C port=50740 On 12/27/10 5:45 PM, Victor Duchovni victor.ducho...@morganstanley.com wrote: On Mon, Dec 27, 2010 at 05:29:18PM -0500, Mark Khan wrote: My postfix server works with all other POP3 email providers (AOL, Meaasgelabs, etc) except Verizon?s myvzw.com which of course is what my new droid X uses. POP3 is configured with just login and password. No TLS. What does POP3 have to do with Postfix? Postfix is NOT a POP server. Here is the the mynetworks configuration line entries from main.cf: # Added verizon wireless IP 174.252.0.0 to MYNETWORKS mynetworks = 174.252.134.106 106.134.252.174.in-addr.arpa. 7157 IN PTR 106.sub-174-252-134.myvzw.com. What is this host and Why should it host be in mynetworks? Is this a static IP assignment for a Verizon SMTP relay or an individual phone that you want to configure to submit via your server (in either case POP3 is a red-herring). And here are the errors Dec 26 22:54:51 rambo-new postfix/smtpd[1278]: [ID 197553 mail.info] connect from 106.sub-174-252-134.myvzw.com[174.252.134.106] Dec 26 22:54:51 rambo-new postfix/smtpd[1278]: [ID 197553 mail.info] lost connection after UNKNOWN from 106.sub-174-252-134.myvzw.com[174.252.134.106] The SMTP client sent an unsupported SMTP command to Postfix and hung up after Postfix sent: 502 5.5.2 Error: command not recognized --
Re: Postfix and Myvzw.com POP3 email
On Mon, Dec 27, 2010 at 07:50:18PM -0500, Mark Khan wrote: Hi Victor: Here is a snoop snippet of a failed email. I am hoping you can you tell me how to configure postfix to ignore AUTH requests? Why should it ignore AUTH? Why not configure support for AUTH, especially from mobile handsets, whose IP addresses MUST not be listed in mynetworks unless you are the mobile network provider? S: 220 mail.lancertech C: EHLO mail.lancertech S: 250-mail.lancertech C: AUTH CRAM-MD5\r\n S: 502 5.5.2 Error: ... The SMTP client sent an unsupported SMTP command to Postfix and hung up after Postfix sent: 502 5.5.2 Error: command not recognized Configure your server to support an AUTH mechanism (usually PLAIN after STARTTLS) that is supported by the client. -- Viktor.