SASL LOGIN authentication failed: Invalid authentication mechanism


li...@airstreamcomm.net

Aug 17, 2012, 4:03:25 PM
I am trying to get SASL (with dovecot) setup on postfix 2.6.6 and
receiving this warning:

warning: domain.tld[ip.add.re.ss]: SASL LOGIN authentication failed:
Invalid authentication mechanism

There are a number of successful SASL attempts, but a large number of
these warnings are occurring as well.

Postconf -n:

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
default_destination_recipient_limit = 1000
default_process_limit = 1000
html_directory = no
inet_interfaces = all
inet_protocols = all
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
message_size_limit = 52224000
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
myhostname = osmtp-3.airstreamcomm.net
mynetworks = $config_directory/mynetworks
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES
recipient_bcc_maps = hash:/etc/postfix/recipient_bcc
relayhost = omrcd1.parcel-airstreamcomm.net
sample_directory = /usr/share/doc/postfix-2.6.6/samples
sender_bcc_maps = hash:/etc/postfix/sender_bcc
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtp_data_done_timeout = 900s
smtp_data_init_timeout = 900s
smtp_data_xfer_timeout = 900s
smtp_helo_timeout = 900s
smtp_mail_timeout = 900s
smtp_tls_note_starttls_offer = yes
smtpd_client_event_limit_exceptions = static:all
smtpd_helo_required = yes
smtpd_recipient_restrictions = permit_mynetworks,
    permit_sasl_authenticated, check_client_access
    mysql:/etc/postfix/authb4smtp.cf, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_restrictions = reject_unknown_sender_domain,
    reject_non_fqdn_sender, permit
smtpd_tls_auth_only = no
smtpd_tls_cert_file = /etc/pki/tls/certs/postfix.crt
smtpd_tls_key_file = /etc/pki/tls/private/postfix.key
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_tls_cache
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
unknown_local_recipient_reject_code = 550

Patrick Ben Koetter

Aug 17, 2012, 4:17:55 PM
* li...@airstreamcomm.net <li...@airstreamcomm.net>:
> I am trying to get SASL (with dovecot) setup on postfix 2.6.6 and
> receiving this warning:
>
> warning: domain.tld[ip.add.re.ss]: SASL LOGIN authentication failed:
> Invalid authentication mechanism

The client attempts to use a mechanism Postfix does not offer. Actually it is
dovecot - acting as SASL service - who offers a list of mechanisms to Postfix
and Postfix just passes it on.

Take a look at $auth_mechanisms in /etc/dovecot/conf.d/10-auth.conf and see
if you can match what your clients ask for.

p@rick


--
All technical questions asked privately will be automatically answered on the
list and archived for public access unless privacy is explicitly required and
justified.

saslfinger (debugging SMTP AUTH):
<http://postfix.state-of-mind.de/patrick.koetter/saslfinger/>

Wietse Venema

Aug 17, 2012, 4:20:38 PM
li...@airstreamcomm.net:
> I am trying to get SASL (with dovecot) setup on postfix 2.6.6 and
> receiving this warning:
>
> warning: domain.tld[ip.add.re.ss]: SASL LOGIN authentication failed:

This means that the client sent an "AUTH LOGIN" command, i.e.
a request to use the LOGIN authentication method.

> Invalid authentication mechanism

This means that Postfix SMTP daemon rejects the LOGIN authentication
method, because it's not on the list of methods that the Dovecot
server is configured to support.

Wietse

li...@airstreamcomm.net

Aug 17, 2012, 4:33:46 PM
On 8/17/12 3:17 PM, Patrick Ben Koetter wrote:
> * li...@airstreamcomm.net <li...@airstreamcomm.net>:
>> I am trying to get SASL (with dovecot) setup on postfix 2.6.6 and
>> receiving this warning:
>>
>> warning: domain.tld[ip.add.re.ss]: SASL LOGIN authentication failed:
>> Invalid authentication mechanism
> The client attempts to use a mechanism Postfix does not offer. Actually it is
> dovecot - acting as SASL service - who offers a list of mechanisms to Postfix
> and Postfix just passes it on.
>
> Take a look at $auth_mechanisms in /etc/dovecot/conf.d/10-auth.conf and see
> if you can match what your clients ask for.
>
> p@rick
>
>
Thanks that did the trick.

/dev/rob0

Aug 17, 2012, 4:36:07 PM
On Fri, Aug 17, 2012 at 04:20:38PM -0400, Wietse Venema wrote:
> li...@airstreamcomm.net:
> > I am trying to get SASL (with dovecot) setup on postfix 2.6.6
> > and receiving this warning:
> >
> > warning: domain.tld[ip.add.re.ss]: SASL LOGIN authentication
> > failed:
>
> This means that the client sent an "AUTH LOGIN" command, i.e.
> a request to use the LOGIN authentication method.

It's perhaps also worthy of note to mention that the client is
broken. It should not attempt to use an unlisted AUTH mechanism.

> > Invalid authentication mechanism
>
> This means that Postfix SMTP daemon rejects the LOGIN
> authentication method, because it's not on the list of methods
> that the Dovecot server is configured to support.
--
http://rob0.nodns4.us/ -- system administration and consulting
Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
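
The diagnosis in this thread, as an added example that is not part of any poster's message: a Python check that counts which mechanisms Postfix refused as unsupported, compares them with Dovecot's auth_mechanisms, and flags cleartext mechanisms that would be accepted without TLS when smtpd_tls_auth_only is not "yes". The log lines, config snippets, host names and function names are constructed for illustration; the default of "plain" for an unset auth_mechanisms is an assumption stated in the code.

```python
import re
from collections import Counter

# Constructed sample inputs for illustration (not taken from the thread).
SAMPLE_LOG = """\
Aug 17 15:01:02 mx postfix/smtpd[2101]: warning: a.example[192.0.2.10]: SASL LOGIN authentication failed: Invalid authentication mechanism
Aug 17 15:01:09 mx postfix/smtpd[2101]: warning: b.example[192.0.2.11]: SASL LOGIN authentication failed: Invalid authentication mechanism
Aug 17 15:02:30 mx postfix/smtpd[2104]: warning: c.example[192.0.2.12]: SASL PLAIN authentication failed:
Aug 17 15:03:00 mx postfix/smtpd[2107]: 4F1C2A0: client=d.example[192.0.2.13], sasl_method=PLAIN, sasl_username=user@example.test
"""
SAMPLE_DOVECOT = "#auth_mechanisms = plain login\nauth_mechanisms = plain\n"
SAMPLE_POSTCONF = "smtpd_sasl_type = dovecot\nsmtpd_tls_auth_only = no\n"

REJECTED = re.compile(
    r"SASL (\S+) authentication failed: Invalid authentication mechanism")
CLEARTEXT = {"PLAIN", "LOGIN"}  # both send the password merely base64-encoded


def rejected_mechanisms(log_text):
    """Count mechanisms refused as unsupported (bad passwords are ignored)."""
    return Counter(m.group(1).upper() for m in REJECTED.finditer(log_text))


def setting(conf_text, key):
    """Return the last uncommented 'key = value' in a config text, or None."""
    value = None
    for line in conf_text.splitlines():
        name, sep, val = line.split("#", 1)[0].partition("=")
        if sep and name.strip() == key:
            value = val.strip()
    return value


def audit(log_text, dovecot_conf, postconf_text):
    # Assumption: an unset auth_mechanisms means Dovecot's default, "plain".
    mechs = setting(dovecot_conf, "auth_mechanisms") or "plain"
    offered = {m.upper() for m in mechs.split()}
    missing = {m: n for m, n in rejected_mechanisms(log_text).items()
               if m not in offered}
    # With smtpd_tls_auth_only != yes, AUTH is also accepted without TLS, so
    # cleartext mechanisms (current or newly enabled) cross the wire readable.
    tls_only = setting(postconf_text, "smtpd_tls_auth_only") == "yes"
    exposed = [] if tls_only else sorted((offered | set(missing)) & CLEARTEXT)
    return offered, missing, exposed


if __name__ == "__main__":
    print(audit(SAMPLE_LOG, SAMPLE_DOVECOT, SAMPLE_POSTCONF))
```

A non-empty third element means that adding the missing mechanism to auth_mechanisms should be paired with smtpd_tls_auth_only = yes, so that PLAIN and LOGIN credentials are only accepted inside TLS.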
