Hi all, I've read that verizon.net blocks all outgoing mail that doesn't carry a "verizon.net" address. Most of what I read came from marginally technical Windows and Mac users, and it's unclear if this means the "From" header (what the recipient sees) or the "mail from:" SMTP header, which the recipient doesn't see.
I just read that this policy quietly went away, so I decided to perform an experiment: [EMAIL PROTECTED] telnet outgoing.verizon.net 25 Trying 206.46.232.12... Connected to outgoing.verizon.net. Escape character is '^]'. 220 vms044pub.verizon.net -- Server ESMTP (Sun Java System Messaging Server 6.2-6.01 (built Apr 3 2006)) helo dirac.org 250 vms044pub.verizon.net OK, [71.249.112.20]. mail from: [EMAIL PROTECTED] 550 5.7.1 Authentication Required help 214-2.3.0 Available commands: 214-2.3.0 214-2.3.0 DATA, EHLO, EXPN, HELO, HELP, MAIL FROM 214-2.3.0 NOOP, QUIT, RCPT TO, RSET, SAML FROM 214-2.3.0 SEND FROM, SOML FROM, TICK, TURN 214-2.3.0 VERB, VRFY, XADR, XSTA, XCIR, ETRN 214-2.3.0 XGEN, LHLO, AUTH 214 2.3.0 quit 221 2.3.0 Bye received. Goodbye. Connection closed by foreign host. I had no idea what "AUTH" was, so I Googled. I think I have a better idea now, but I need some help setting it up. I found the "Postfix SASL Howto" at http://www.postfix.org/SASL_README.html. Currently going through it step by step. It appears I need something that implements SASL, a method to add security to older connection based protocols that don't have sufficient security. SMTP is one of them. 1. Going through the howto, it appears that the "Cyrus" implementation is what I want to use. So I installed: cyrus-common-2.2 cyrus-doc-2.2 cyrus-imapd-2.2 2. Next, I added the following lines to /etc/postfix/main.cf: relayhost = [outgoing.verizon.net] smtpd_sasl_auth_enable = yes smtpd_sasl_authenticated_header = no 3. Next, it looks like I need to tell Cyrus how to perform authentication. It looks like there are 3 methods of authentication: a. Unix password database. But I'm trying to authenticate myself to Verizon.net's SMTP server, so I'm *assuming* that they want my Verizon username/password. I suppose I could add a user/password to /etc/shadow that's the same as my Verizon login, but this method didn't seem appropriate. b. Using the saslauthd daemon which can use PAM. However, since I'm only going to be using this for outgoing mail, I don't want a running daemon just for this purpose. c. Cyrus's own password database. This seems like the right choice. The howto says I need to set: pwcheck_method: auxprop in /usr/local/lib/sasl2/smtpd.conf. However, the file doesn't exist. After hunting around, I found /etc/imapd.conf owned by cyrus-common-2.2, and there's two items that look promising: sasl_pwcheck_method: auxprop # sasl_auxprop_plugin: sasldb Not an exact match, but it's close. The docs say that by default "all plugins are tried, which is probably not what you want". At this point, I just want it to work and I'll finetune later. But I don't see any plugins in /usr/lib/sasl2 that identify themselves for SMTP authentication. I'll figure this out later. So it looks like the default options are good for me. 4. Next I'm supposed to populate the Cyrus database with: saslpasswd2 -c -u `postconf -h myhostname` MY_VERIZON_USERNAME which I did. I restarted postfix, and sent an email. It bounced shortly after: <[EMAIL PROTECTED]>: host outgoing.verizon.net[206.46.232.12] said: 550 5.7.1 Authentication Required (in reply to MAIL FROM command) So here I am. Angry. Frustrated. Not even sure if any of this is really remotely correct. It's ... absolutely bizarre that getting ESMTP to just "work" can be this difficult. Help? Pretty please? Pete _______________________________________________ vox-tech mailing list [email protected] http://lists.lugod.org/mailman/listinfo/vox-tech
