info
Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Auth quit working today What changed...
19 views
Skip to first unread message
Harry Putnam
Aug 10, 2017, 7:12:31 PM8/10/17
to
setup: OS debian 9 (stretch) running in a vbox vm on an openindiana (a
solaris 11 branch) host.
Single user home machine on a home lan no resolvable fqdn
sendmail 8.15.2-8 Using internet SMART_HOST
I've moved to new host with sendmail recently ... changed versions of
debian and went with a full install.
I had sendmail working for a few days but it quit working to day.
I didn't make changes on my end so must assume something changed at
the server. Well, I didn't make changes until it quit working but
have now tried quite a few things.
I have the authenticating credentials in access that looks like below
but with the key fields munged (This was not changed):
(From /etc/access)
AuthInfo:mail.messagingengine.com "U:m...@mail.addr" "P:mypasswd" "M:PLAIN"
Sorry about the hefty amount of data included below but I don't know
enough to know what is usefull or what isn't.
In the included *.mc... I will say it began life as a debian installed
file. It has kicked around in different forms for a good while.
My usage is pretty slight, compared to many of the folks here so there
is probably quite a bit in there... I don't need.
I don't know enough to prune it down but I'm sure there is plenty in
there that doesn't need to be. Anyone wanting to comment on that,
please do, I'd like to pair it down.
I'd have to do it by experimentation...
However, I've found over the yrs that very much experimenting by
someone considerably less than knowledgable, can lead to wearing out
ones welcome with an obliging SMART_HOST. And I have been locked out
of a few over time.
1) The captured smtp conversation from a command line mailx send on verbose.
2) the mail.logs produced by the sent mail.
3) the sendmail.mc
------- ------- ---=--- ------- -------
1) verbose smtp conversation.
------- ------- ---=--- ------- -------
mailx -v -s "TEST 170810_181123 d0" hp...@fastmail.fm < ~/txtmsg.txt
hp...@fastmail.fm... Connecting to [127.0.0.1] via relay...
220 d0.local.lan ESMTP Sendmail 8.15.2/8.16.0.19/Debian-8; Thu, 10 Aug 2017 18:11:25 -0400; (No UCE/UBE) logging access from: d0.local.lan(OK)-d0.local.lan [127.0.0.1]
>>> EHLO d0.local.lan
250-d0.local.lan Hello d0.local.lan [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-EXPN
250-VERB
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-AUTH LOGIN PLAIN
250-DELIVERBY
250 HELP
>>> VERB
250 2.0.0 Verbose mode
>>> MAIL From:<rea...@d0.local.lan> SIZE=1147 AUTH=rea...@d0.local.lan
250 2.1.0 <rea...@d0.local.lan>... Sender ok
>>> RCPT To:<hp...@fastmail.fm>
>>> DATA
250 2.1.5 <hp...@fastmail.fm>... Recipient ok
354 Enter mail, end with "." on a line by itself
>>> .
050 <hp...@fastmail.fm>... Connecting to mail.messagingengine.com. port 587 via relay...
050 220 mail.messagingengine.com ESMTP ready
050 >>> EHLO d0.local.lan
050 250-mail.messagingengine.com
050 250-PIPELINING
050 250-SIZE 71000000
050 250-ENHANCEDSTATUSCODES
050 250-8BITMIME
050 250 STARTTLS
050 >>> STARTTLS
050 220 2.0.0 Start TLS
050 >>> EHLO d0.local.lan
050 250-mail.messagingengine.com
050 250-PIPELINING
050 250-SIZE 71000000
050 250-ENHANCEDSTATUSCODES
050 250-8BITMIME
050 250-AUTH PLAIN LOGIN
050 250 AUTH=PLAIN LOGIN
050 >>> AUTH PLAIN aHB1dDNAZmFzdG1haWwuZm0AaHB1dDNAZmFzdG1haWwuZm0AamlueDAyMTc=
050 535 5.7.0 Incorrect username or password.
050 >>> MAIL From:<rea...@d0.local.lan> SIZE=1385 AUTH=<>
050 530 5.7.1 Authentication required
050 <rea...@d0.local.lan>... Connecting to local...
050 <rea...@d0.local.lan>... Sent
250 2.0.0 v7AMBPTG005299 Message accepted for delivery
hp...@fastmail.fm... Sent (v7AMBPTG005299 Message accepted for delivery)
Closing connection to [127.0.0.1]
>>> QUIT
------- --------- ---=--- --------- --------
2) /var/log/mail.log
------- --------- ---=--- --------- --------
Aug 10 18:11:25 d0 sendmail[5298]: v7AMBPTD005298: from=reader,
size=1147, class=0, nrcpts=1,
msgid=<201708102211....@d0.local.lan>, relay=reader@localhost
Aug 10 18:11:25 d0 sm-mta[5299]: v7AMBPTG005299:
from=<rea...@d0.local.lan>, size=1385, class=0, nrcpts=1,
msgid=<201708102211....@d0.local.lan>, proto=ESMTP,
daemon=MTA-v4, relay=d0.local.lan [127.0.0.1]
Aug 10 18:11:25 d0 sm-mta[5299]: STARTTLS=client,
relay=mail.messagingengine.com., version=TLSv1.2, verify=FAIL,
cipher=ECDHE-RSA-AES256-GCM-SHA384, bits=256/256
Aug 10 18:11:29 d0 sm-mta[5299]: v7AMBPTG005299: to=<hp...@fastmail.fm>,
ctladdr=<rea...@d0.local.lan> (1000/1050), delay=00:00:04,
xdelay=00:00:04, mailer=relay, pri=31385,
relay=mail.messagingengine.com. [66.111.4.52], dsn=5.0.0, stat=Service
unavailable
Aug 10 18:11:29 d0 sm-mta[5299]: v7AMBPTG005299: v7AMBPTH005299: DSN:
Service unavailable
------- ------- ---=--- ------- -------
3) sendmail.mc
------- ------- ---=--- ------- -------
grep -vP '^(dnl|#)' /etc/mail/sendmail.mc
divert(-1)dnl
divert(0)dnl
define(`_USE_ETC_MAIL_')dnl
include(`/usr/share/sendmail/cf/m4/cf.m4')dnl
VERSIONID(`$Id: sendmail.mc, v 8.14.4-8+deb8u1 2016-06-30 18:08:19 cowboy Exp $')
OSTYPE(`debian')dnl
DOMAIN(`debian-mta')dnl
undefine(`confHOST_STATUS_DIRECTORY')dnl #DAEMON_HOSTSTATS=
FEATURE(`no_default_msa')dnl
DAEMON_OPTIONS(`Family=inet, Name=MTA-v4, Port=smtp')dnl
DAEMON_OPTIONS(`Family=inet, Name=MSP-v4, Port=submission, M=Ea')dnl
define(`RELAY_MAILER_ARGS', `TCP $h 587')dnl
define(`PROCMAIL_MAILER_PATH',`/usr/bin/procmail')dnl
define(`confPRIVACY_FLAGS',dnl
`needmailhelo,needexpnhelo,needvrfyhelo,restrictqrun,restrictexpand,nobodyreturn,authwarnings')dnl
define(`confCONNECTION_RATE_THROTTLE', `15')dnl
define(`confCONNECTION_RATE_WINDOW_SIZE',`10m')dnl
FEATURE(`use_cw_file')dnl
define(`confAUTH_MECHANISMS',`LOGIN PLAIN')dnl
FEATURE(`access_db', `hash -T<TMPF> /etc/mail/access')
define(`SMART_HOST',`[mail.messagingengine.com]')dnl
define(`RELAY_MAILER_ARGS', `TCP $h 587')dnl
define(`ESMTP_MAILER_ARGS', `TCP $h 587')dnl
FEATURE(`greet_pause', `1000')dnl 1 seconds
FEATURE(`delay_checks', `friend', `n')dnl
define(`confBAD_RCPT_THROTTLE',`3')dnl
FEATURE(`conncontrol', `nodelay', `terminate')dnl
FEATURE(`ratecontrol', `nodelay', `terminate')dnl
include(`/etc/mail/m4/dialup.m4')dnl
include(`/etc/mail/m4/provider.m4')dnl
MAILER_DEFINITIONS
MAILER(`local')dnl
MAILER(`procmail')
MAILER(`smtp')dnl
solaris 11 branch) host.
Single user home machine on a home lan no resolvable fqdn
sendmail 8.15.2-8 Using internet SMART_HOST
I've moved to new host with sendmail recently ... changed versions of
debian and went with a full install.
I had sendmail working for a few days but it quit working to day.
I didn't make changes on my end so must assume something changed at
the server. Well, I didn't make changes until it quit working but
have now tried quite a few things.
I have the authenticating credentials in access that looks like below
but with the key fields munged (This was not changed):
(From /etc/access)
AuthInfo:mail.messagingengine.com "U:m...@mail.addr" "P:mypasswd" "M:PLAIN"
Sorry about the hefty amount of data included below but I don't know
enough to know what is usefull or what isn't.
In the included *.mc... I will say it began life as a debian installed
file. It has kicked around in different forms for a good while.
My usage is pretty slight, compared to many of the folks here so there
is probably quite a bit in there... I don't need.
I don't know enough to prune it down but I'm sure there is plenty in
there that doesn't need to be. Anyone wanting to comment on that,
please do, I'd like to pair it down.
I'd have to do it by experimentation...
However, I've found over the yrs that very much experimenting by
someone considerably less than knowledgable, can lead to wearing out
ones welcome with an obliging SMART_HOST. And I have been locked out
of a few over time.
1) The captured smtp conversation from a command line mailx send on verbose.
2) the mail.logs produced by the sent mail.
3) the sendmail.mc
------- ------- ---=--- ------- -------
1) verbose smtp conversation.
------- ------- ---=--- ------- -------
mailx -v -s "TEST 170810_181123 d0" hp...@fastmail.fm < ~/txtmsg.txt
hp...@fastmail.fm... Connecting to [127.0.0.1] via relay...
220 d0.local.lan ESMTP Sendmail 8.15.2/8.16.0.19/Debian-8; Thu, 10 Aug 2017 18:11:25 -0400; (No UCE/UBE) logging access from: d0.local.lan(OK)-d0.local.lan [127.0.0.1]
>>> EHLO d0.local.lan
250-d0.local.lan Hello d0.local.lan [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-EXPN
250-VERB
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-AUTH LOGIN PLAIN
250-DELIVERBY
250 HELP
>>> VERB
250 2.0.0 Verbose mode
>>> MAIL From:<rea...@d0.local.lan> SIZE=1147 AUTH=rea...@d0.local.lan
250 2.1.0 <rea...@d0.local.lan>... Sender ok
>>> RCPT To:<hp...@fastmail.fm>
>>> DATA
250 2.1.5 <hp...@fastmail.fm>... Recipient ok
354 Enter mail, end with "." on a line by itself
>>> .
050 <hp...@fastmail.fm>... Connecting to mail.messagingengine.com. port 587 via relay...
050 220 mail.messagingengine.com ESMTP ready
050 >>> EHLO d0.local.lan
050 250-mail.messagingengine.com
050 250-PIPELINING
050 250-SIZE 71000000
050 250-ENHANCEDSTATUSCODES
050 250-8BITMIME
050 250 STARTTLS
050 >>> STARTTLS
050 220 2.0.0 Start TLS
050 >>> EHLO d0.local.lan
050 250-mail.messagingengine.com
050 250-PIPELINING
050 250-SIZE 71000000
050 250-ENHANCEDSTATUSCODES
050 250-8BITMIME
050 250-AUTH PLAIN LOGIN
050 250 AUTH=PLAIN LOGIN
050 >>> AUTH PLAIN aHB1dDNAZmFzdG1haWwuZm0AaHB1dDNAZmFzdG1haWwuZm0AamlueDAyMTc=
050 535 5.7.0 Incorrect username or password.
050 >>> MAIL From:<rea...@d0.local.lan> SIZE=1385 AUTH=<>
050 530 5.7.1 Authentication required
050 <rea...@d0.local.lan>... Connecting to local...
050 <rea...@d0.local.lan>... Sent
250 2.0.0 v7AMBPTG005299 Message accepted for delivery
hp...@fastmail.fm... Sent (v7AMBPTG005299 Message accepted for delivery)
Closing connection to [127.0.0.1]
>>> QUIT
------- --------- ---=--- --------- --------
2) /var/log/mail.log
------- --------- ---=--- --------- --------
Aug 10 18:11:25 d0 sendmail[5298]: v7AMBPTD005298: from=reader,
size=1147, class=0, nrcpts=1,
msgid=<201708102211....@d0.local.lan>, relay=reader@localhost
Aug 10 18:11:25 d0 sm-mta[5299]: v7AMBPTG005299:
from=<rea...@d0.local.lan>, size=1385, class=0, nrcpts=1,
msgid=<201708102211....@d0.local.lan>, proto=ESMTP,
daemon=MTA-v4, relay=d0.local.lan [127.0.0.1]
Aug 10 18:11:25 d0 sm-mta[5299]: STARTTLS=client,
relay=mail.messagingengine.com., version=TLSv1.2, verify=FAIL,
cipher=ECDHE-RSA-AES256-GCM-SHA384, bits=256/256
Aug 10 18:11:29 d0 sm-mta[5299]: v7AMBPTG005299: to=<hp...@fastmail.fm>,
ctladdr=<rea...@d0.local.lan> (1000/1050), delay=00:00:04,
xdelay=00:00:04, mailer=relay, pri=31385,
relay=mail.messagingengine.com. [66.111.4.52], dsn=5.0.0, stat=Service
unavailable
Aug 10 18:11:29 d0 sm-mta[5299]: v7AMBPTG005299: v7AMBPTH005299: DSN:
Service unavailable
------- ------- ---=--- ------- -------
3) sendmail.mc
------- ------- ---=--- ------- -------
grep -vP '^(dnl|#)' /etc/mail/sendmail.mc
divert(-1)dnl
divert(0)dnl
define(`_USE_ETC_MAIL_')dnl
include(`/usr/share/sendmail/cf/m4/cf.m4')dnl
VERSIONID(`$Id: sendmail.mc, v 8.14.4-8+deb8u1 2016-06-30 18:08:19 cowboy Exp $')
OSTYPE(`debian')dnl
DOMAIN(`debian-mta')dnl
undefine(`confHOST_STATUS_DIRECTORY')dnl #DAEMON_HOSTSTATS=
FEATURE(`no_default_msa')dnl
DAEMON_OPTIONS(`Family=inet, Name=MTA-v4, Port=smtp')dnl
DAEMON_OPTIONS(`Family=inet, Name=MSP-v4, Port=submission, M=Ea')dnl
define(`RELAY_MAILER_ARGS', `TCP $h 587')dnl
define(`PROCMAIL_MAILER_PATH',`/usr/bin/procmail')dnl
define(`confPRIVACY_FLAGS',dnl
`needmailhelo,needexpnhelo,needvrfyhelo,restrictqrun,restrictexpand,nobodyreturn,authwarnings')dnl
define(`confCONNECTION_RATE_THROTTLE', `15')dnl
define(`confCONNECTION_RATE_WINDOW_SIZE',`10m')dnl
FEATURE(`use_cw_file')dnl
define(`confAUTH_MECHANISMS',`LOGIN PLAIN')dnl
FEATURE(`access_db', `hash -T<TMPF> /etc/mail/access')
define(`SMART_HOST',`[mail.messagingengine.com]')dnl
define(`RELAY_MAILER_ARGS', `TCP $h 587')dnl
define(`ESMTP_MAILER_ARGS', `TCP $h 587')dnl
FEATURE(`greet_pause', `1000')dnl 1 seconds
FEATURE(`delay_checks', `friend', `n')dnl
define(`confBAD_RCPT_THROTTLE',`3')dnl
FEATURE(`conncontrol', `nodelay', `terminate')dnl
FEATURE(`ratecontrol', `nodelay', `terminate')dnl
include(`/etc/mail/m4/dialup.m4')dnl
include(`/etc/mail/m4/provider.m4')dnl
MAILER_DEFINITIONS
MAILER(`local')dnl
MAILER(`procmail')
MAILER(`smtp')dnl
Claus Aßmann
Aug 10, 2017, 9:50:05 PM8/10/17
to
Nice attempt at obfuscation here, but ...
You just posted your real AUTH data...
> 050 535 5.7.0 Incorrect username or password.
Well, at least mail.messagingengine.com doesn't like your "username
or password" so it doesn't matter too much...
You have to contact them to set a new password and try that.
sendmail uses the AUTH data you provided with the server, so there
isn't much in the config/setup that seems to cause a problem, it
just "seems" to be incorrect (maybe the provider changed it for
some reason, e.g., maybe the account has been compromised and
locked?)
--
Note: please read the netiquette before posting. I will almost never
reply to top-postings which include a full copy of the previous
article(s) at the end because it's annoying, shows that the poster
is too lazy to trim his article, and it's wasting the time of all readers.
> 050 <hp...@fastmail.fm>... Connecting to mail.messagingengine.com. port 587 via relay...
> 050 220 mail.messagingengine.com ESMTP ready
> 050 >>> AUTH PLAIN aHB1dDNAZmFzdG1haWwuZm0AaHB1dDNAZmFzdG1haWwuZm0AamlueDAyMTc=
> 050 220 mail.messagingengine.com ESMTP ready
You just posted your real AUTH data...
> 050 535 5.7.0 Incorrect username or password.
or password" so it doesn't matter too much...
You have to contact them to set a new password and try that.
sendmail uses the AUTH data you provided with the server, so there
isn't much in the config/setup that seems to cause a problem, it
just "seems" to be incorrect (maybe the provider changed it for
some reason, e.g., maybe the account has been compromised and
locked?)
--
Note: please read the netiquette before posting. I will almost never
reply to top-postings which include a full copy of the previous
article(s) at the end because it's annoying, shows that the poster
is too lazy to trim his article, and it's wasting the time of all readers.
Harry Putnam
Aug 11, 2017, 9:31:35 AM8/11/17
to
Claus Aßmann
credentials can you explain?
>> 050 535 5.7.0 Incorrect username or password.
Yes, I saw that .. but I suspect there is something else wrong. My
passwd works as always for login on there website.
> Well, at least mail.messagingengine.com doesn't like your "username
> or password" so it doesn't matter too much...
> You have to contact them to set a new password and try that.
>
> sendmail uses the AUTH data you provided with the server, so there
> isn't much in the config/setup that seems to cause a problem, it
> just "seems" to be incorrect (maybe the provider changed it for
> some reason, e.g., maybe the account has been compromised and
> locked?)
Well no, at least not at the website... Of course, I've now changed it
after your comment.
Fastmail is not big on doing business on the phone so I have sent in a
`trouble ticket' but from the past I know it is likely to take a few
days to get anywhere with that.
After changing the passwd: Retrying to send out in the same way I
posted about ... I get very similar (with new dates and etc ) smtp
conversation and logs as prior to changing it.
Now I'm scared to post the information... maybe you can explain what I
can safely post.
Perhaps this is not phrased in the right terminology but hopefully my
question will be clear enough: Can you tell by the information in the
mail logs posted, what type of system/protocol that smtp server is
expecting my login in to be using?
I had the hunch that perhaps that is what changed.. but don't really
know enough to determine what is expected from the logs.
<ca+sendmail(-no-copies-please)@mine.informatik.uni-kiel.de> writes:
> Harry Putnam wrote:
>
>> AuthInfo:mail.messagingengine.com "U:m...@mail.addr" "P:mypasswd" "M:PLAIN"
>
> Nice attempt at obfuscation here, but ...
>
>> mailx -v -s "TEST 170810_181123 d0" hp...@fastmail.fm < ~/txtmsg.txt
>
>> 050 <hp...@fastmail.fm>... Connecting to mail.messagingengine.com. port 587 via relay...
>> 050 220 mail.messagingengine.com ESMTP ready
>
>> 050 >>> AUTH PLAIN aHB1dDNAZmFzdG1haWwuZm0AaHB1dDNAZmFzdG1haWwuZm0AamlueDAyMTc=
> You just posted your real AUTH data...
Well, I guess that was stupid..., but it doesn't look much like my
> Harry Putnam wrote:
>
>> AuthInfo:mail.messagingengine.com "U:m...@mail.addr" "P:mypasswd" "M:PLAIN"
>
> Nice attempt at obfuscation here, but ...
>
>> mailx -v -s "TEST 170810_181123 d0" hp...@fastmail.fm < ~/txtmsg.txt
>
>> 050 <hp...@fastmail.fm>... Connecting to mail.messagingengine.com. port 587 via relay...
>> 050 220 mail.messagingengine.com ESMTP ready
>
>> 050 >>> AUTH PLAIN aHB1dDNAZmFzdG1haWwuZm0AaHB1dDNAZmFzdG1haWwuZm0AamlueDAyMTc=
> You just posted your real AUTH data...
credentials can you explain?
>> 050 535 5.7.0 Incorrect username or password.
passwd works as always for login on there website.
> Well, at least mail.messagingengine.com doesn't like your "username
> or password" so it doesn't matter too much...
> You have to contact them to set a new password and try that.
>
> sendmail uses the AUTH data you provided with the server, so there
> isn't much in the config/setup that seems to cause a problem, it
> just "seems" to be incorrect (maybe the provider changed it for
> some reason, e.g., maybe the account has been compromised and
> locked?)
after your comment.
Fastmail is not big on doing business on the phone so I have sent in a
`trouble ticket' but from the past I know it is likely to take a few
days to get anywhere with that.
After changing the passwd: Retrying to send out in the same way I
posted about ... I get very similar (with new dates and etc ) smtp
conversation and logs as prior to changing it.
Now I'm scared to post the information... maybe you can explain what I
can safely post.
Perhaps this is not phrased in the right terminology but hopefully my
question will be clear enough: Can you tell by the information in the
mail logs posted, what type of system/protocol that smtp server is
expecting my login in to be using?
I had the hunch that perhaps that is what changed.. but don't really
know enough to determine what is expected from the logs.
Claus Aßmann
Aug 11, 2017, 11:09:37 AM8/11/17
to
Harry Putnam wrote:
> >> 050 >>> AUTH PLAIN aHB1dDNAZmFzdG1haWwuZm0AaHB1dDNAZmFzdG1haWwuZm0AamlueDAyMTc=
> > You just posted your real AUTH data...
> Well, I guess that was stupid..., but it doesn't look much like my
> credentials can you explain?
See the fine RFCs for SASL.
> >> 050 >>> AUTH PLAIN aHB1dDNAZmFzdG1haWwuZm0AaHB1dDNAZmFzdG1haWwuZm0AamlueDAyMTc=
> > You just posted your real AUTH data...
> Well, I guess that was stupid..., but it doesn't look much like my
> credentials can you explain?
It is the base64 encoded string of your login information.
echo aHB1dDNAZmFzdG1haWwuZm0AaHB1dDNAZmFzdG1haWwuZm0AamlueDAyMTc= | base64 -d > /tmp/decoded
Note: there are two NUL characters in the output.
0 new messages