
smtpd: warning: hostname does not resolve to address Name or service not known


Gab

Apr 17, 2015, 7:49:06 AM
Hi list!
As the subject says, I found this issue on my mail system after a long time in which it
worked as expected.
Mine is a Debian Wheezy VPS system hosting postfix, dovecot and spamassassin with
a mysql database. That's what the logs say when I try to send an email with
Thunderbird from my laptop:



while thunderbird says:


That's my postconf -n:


I have the same issue with all the clients I have, and by telnet I get this while I
authenticate:

What other info do you need to get around this issue?
Any help will be appreciated.
Regards
Gab



--
View this message in context: http://postfix.1071664.n5.nabble.com/smtpd-warning-hostname-does-not-resolve-to-address-Name-or-service-not-known-tp76263.html
Sent from the Postfix Users mailing list archive at Nabble.com.

Krzs

Apr 17, 2015, 8:03:20 AM
HTML tags from the postfixusers nabble dot com web site don't show up in
emails, so I'll add their content in this reply:

On 17/04/2015 13:48, Gab wrote:
> Hi list !
> As the subject says i found this issue on my mail system after long time it
> worked as expected.
> Mine is a Debian Wheezy VPS system hosting postfix dovecot spamassassin with
> mysql database .That's what logs say while i try to send an email by
> thunderbird with my laptop:
>
>
>
> while thunderbird says:
postfix/smtpd[23417]: connect from my.laptop[1.2.3.4]
postfix/smtpd[23417]: lost connection after UNKNOWN from my.laptop[1.2.3.4]
postfix/smtpd[23417]: disconnect from my.laptop[1.2.3.4]
> That's my postconf -n:

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
disable_dns_lookups = yes
disable_vrfy_command = yes
dovecot_destination_recipient_limit = 1
inet_interfaces = all
inet_protocols = all
mailbox_size_limit = 0
mydestination = $mydomain, localhost.localdomain, localhost
mydomain = myFQDN
myhostname = smtp.$mydomain
mynetworks = 88.198.107.18, 127.0.0.1
mynetworks_style = host
myorigin = $mydomain
readme_directory = no
recipient_delimiter = +
relayhost =
smtp_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtp_tls_cert_file = /etc/postfix/ssl/cert.pem
smtp_tls_ciphers = export
smtp_tls_key_file = /etc/postfix/ssl/key.pem
smtp_tls_note_starttls_offer = yes
smtp_tls_protocols = !SSLv2
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_delay_reject = yes
smtpd_helo_required = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain = $mydomain
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_ask_ccert = yes
smtpd_tls_auth_only = yes
smtpd_tls_ccert_verifydepth = 1
smtpd_tls_cert_file = /etc/postfix/ssl/cert.pem
smtpd_tls_key_file = /etc/postfix/ssl/key.pem
smtpd_tls_loglevel = 0
smtpd_tls_received_header = no
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
virtual_transport = dovecot

> I have the same issue with all clients i have and by telnet i get while i
> authenticate:

:~$ telnet smtp.myFQDN 25
Trying 1.2.3.4 ...
Connected to myFQDN.
Escape character is '^]'.
220 smtp.myFQDN ESMTP Postfix
ehlo smtp.myFQDN
250-smtp.myFQDN
250-PIPELINING
250-SIZE 10240000
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from: admin@myFQDN
250 2.1.0 Ok
auth plain gibberishtextinbase64encodedvalueoftheusernameadminandpassword
503 5.5.1 Error: authentication not enabled
Connection closed by foreign host.

> What others infos you need to get around this issue ?
> every help will be appreciated
> Regards
> Gab
>
>
>
> --
> View this message in context: http://postfix.1071664.n5.nabble.com/smtpd-warning-hostname-does-not-resolve-to-address-Name-or-service-not-known-tp76263.html
> Sent from the Postfix Users mailing list archive at Nabble.com.
>

--
Key fingerprint = EB67 3CA1 6C61 EACE B705 4EC3 A28D E2DD 4C47 A4D9

Bill Cole

Apr 17, 2015, 11:27:04 AM
On 17 Apr 2015, at 8:02, Krzs wrote:

> HTML tags from the postfixusers nabble dot com web site don't show up in
> emails, so I'll add their content in this reply:

Almost entirely useless. What you added is full of lies, where you've
used bogus names and addresses to replace nearly all information that
might be useful in diagnosis.

You're asking about a name resolution error message. No one can help you
if you are so paranoid that you won't divulge the names and IP addresses
involved. However, you did miss ONE IP address that provides a hint
towards one mistake:


> On 17/04/2015 13:48, Gab wrote:
[...
> mydestination = $mydomain, localhost.localdomain, localhost
> mydomain = myFQDN
> myhostname = smtp.$mydomain
> mynetworks = 88.198.107.18, 127.0.0.1

18.107.198.88.in-addr.arpa. 86089 IN PTR frozenstar.info.
frozenstar.info. 1512 IN MX 10 smtp.frozenstar.info.
smtp.frozenstar.info. 3327 IN CNAME frozenstar.info.

That's wrong. MX records MUST point to names that have A records.
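
The check described in the message above, as an added example that is not part of the original thread: a small Python validator that reads dig-style records and reports MX targets that are CNAME aliases or lack an address record. It only sees the records passed to it (no live DNS lookup), accepts AAAA as well as A, and the second record set is constructed from the A record the original poster reports adding later in the thread.

```python
from collections import defaultdict

# The three records quoted in the message above, verbatim.
ZONE_AS_POSTED = """\
18.107.198.88.in-addr.arpa. 86089 IN PTR frozenstar.info.
frozenstar.info. 1512 IN MX 10 smtp.frozenstar.info.
smtp.frozenstar.info. 3327 IN CNAME frozenstar.info.
"""

# Constructed for comparison: the CNAME replaced by the A record that the
# original poster reports adding later in the thread.
ZONE_CORRECTED = """\
frozenstar.info. 1512 IN MX 10 smtp.frozenstar.info.
smtp.frozenstar.info. 3600 IN A 88.198.107.18
"""


def norm(name):
    """Compare DNS names case-insensitively and without the trailing dot."""
    return name.rstrip(".").lower()


def parse_records(text):
    """Parse 'name ttl IN type rdata...' lines into {(name, type): [rdata]}."""
    records = defaultdict(list)
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[2].upper() != "IN":
            continue  # not a resource record in the expected layout
        records[(norm(fields[0]), fields[3].upper())].append(fields[4:])
    return records


def check_mx_targets(text, domain):
    """Return one problem string per MX target that is an alias or has no address."""
    records = parse_records(text)
    problems = []
    for rdata in records.get((norm(domain), "MX"), []):
        if len(rdata) != 2:
            problems.append("malformed MX rdata: " + " ".join(rdata))
            continue
        target = norm(rdata[1])
        if (target, "CNAME") in records:
            # RFC 2181 section 10.3: the MX target must not be an alias.
            alias_of = norm(records[(target, "CNAME")][0][0])
            problems.append(f"{target}: MX target is a CNAME for {alias_of}")
        elif (target, "A") not in records and (target, "AAAA") not in records:
            problems.append(f"{target}: MX target has no A/AAAA record")
    return problems


if __name__ == "__main__":
    for label, zone in (("as posted", ZONE_AS_POSTED), ("corrected", ZONE_CORRECTED)):
        print(label, check_mx_targets(zone, "frozenstar.info") or "ok")
```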

Viktor Dukhovni

Apr 17, 2015, 11:57:15 AM
On Fri, Apr 17, 2015 at 11:26:44AM -0400, Bill Cole wrote:

> On 17 Apr 2015, at 8:02, Krzs wrote:
>
> >HTML tags from the postfixusers nabble dot com web site don't show up in
> >emails, so I'll add their content in this reply:
>
> Almost entirely useless. What you added is full of lies, where you've used
> bogus names and addresses to replace nearly all information that might be
> useful in diagnosis.

Let's tone that down shall we. Second warning.

--
Viktor.

Krzs

Apr 17, 2015, 3:53:13 PM


On 17/04/2015 17:26, Bill Cole wrote:
> On 17 Apr 2015, at 8:02, Krzs wrote:
>
>> HTML tags from the postfixusers nabble dot com web site don't show up in
>> emails

They don't show up because I don't use HTML in emails.

> Almost entirely useless. What you added is full of lies, where you've
> used bogus names and addresses to replace nearly all information that
> might be useful in diagnosis.

I'm too used to not using my FQDN for obvious security reasons (yes, I'm
paranoid).
I won't consider your insults and I still hope someone will help.
Regards

Danny Horne

Apr 18, 2015, 6:19:47 AM


On 17/04/2015 1:02 pm, Krzs wrote:
> :~$ telnet smtp.myFQDN 25
> Trying 1.2.3.4 ...
> Connected to myFQDN.
> Escape character is '^]'.
> 220 smtp.myFQDN ESMTP Postfix
> ehlo smtp.myFQDN
> 250-smtp.myFQDN
> 250-PIPELINING
> 250-SIZE 10240000
> 250-ETRN
> 250-STARTTLS
> 250-ENHANCEDSTATUSCODES
> 250-8BITMIME
> 250 DSN
> mail from: admin@myFQDN
> 250 2.1.0 Ok
> auth plain gibberishtextinbase64encodedvalueoftheusernameadminandpassword
> 503 5.5.1 Error: authentication not enabled
> Connection closed by foreign host.

I'm no expert, but it seems to me that you're trying to authenticate
before setting up a TLS connection


Krzs

Apr 18, 2015, 9:09:08 AM

I did set an A record for my MX domain name

> smtp.frozenstar.info. 3600 IN A 88.198.107.18

SMTPD does starttls

> 220 2.0.0 Ready to start TLS

but I noticed this SSL error in the logs:

> warning: TLS library problem: 1958:error:140760FC:SSL
> routines:SSL23_GET_CLIENT_HELLO:unknown protocol:s23_srvr.c:649:

These are debug logs (hope you accept them):

> Apr 18 15:05:23 www postfix/smtpd[23438]: > unknown[199.58.81.144]:
> 250-smtp.frozenstar.info Apr 18 15:05:23 www postfix/smtpd[23438]:
> > unknown[199.58.81.144]: 250-PIPELINING Apr 18 15:05:23 www
> postfix/smtpd[23438]: > unknown[199.58.81.144]: 250-SIZE 10240000
> Apr 18 15:05:23 www postfix/smtpd[23438]: > unknown[199.58.81.144]:
> 250-ETRN Apr 18 15:05:23 www postfix/smtpd[23438]: >
> unknown[199.58.81.144]: 250-STARTTLS Apr 18 15:05:23 www
> postfix/smtpd[23438]: > unknown[199.58.81.144]:
> 250-ENHANCEDSTATUSCODES Apr 18 15:05:23 www postfix/smtpd[23438]: >
> unknown[199.58.81.144]: 250-8BITMIME Apr 18 15:05:23 www
> postfix/smtpd[23438]: > unknown[199.58.81.144]: 250 DSN Apr 18
> 15:05:23 www postfix/smtpd[23438]: < unknown[199.58.81.144]:
> STARTTLS Apr 18 15:05:23 www postfix/smtpd[23438]: >
> unknown[199.58.81.144]: 220 2.0.0 Ready to start TLS Apr 18
> 15:05:23 www postfix/smtpd[23438]: send attr request = seed Apr 18
> 15:05:23 www postfix/smtpd[23438]: send attr size = 32 Apr 18
> 15:05:23 www postfix/smtpd[23438]: private/tlsmgr: wanted
> attribute: status Apr 18 15:05:23 www postfix/smtpd[23438]: input
> attribute name: status Apr 18 15:05:23 www postfix/smtpd[23438]:
> input attribute value: 0 Apr 18 15:05:23 www postfix/smtpd[23438]:
> private/tlsmgr: wanted attribute: seed Apr 18 15:05:23 www
> postfix/smtpd[23438]: input attribute name: seed Apr 18 15:05:23
> www postfix/smtpd[23438]: input attribute value:
> +pxhGKo7ErHn9aDMYfY+PQaKkQcNeC1y/DhpAgqXUiY= Apr 18 15:05:23 www
> postfix/smtpd[23438]: private/tlsmgr: wanted attribute: (list
> terminator) Apr 18 15:05:23 www postfix/smtpd[23438]: input
> attribute name: (end) Apr 18 15:05:25 www postfix/smtpd[23438]:
> Anonymous TLS connection established from unknown[199.58.81.144]:
> TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits) Apr
> 18 15:05:25 www postfix/smtpd[23438]: xsasl_dovecot_server_create:
> SASL service=smtp, realm=frozenstar.info Apr 18 15:05:25 www
> postfix/smtpd[23438]: name_mask: noanonymous Apr 18 15:05:25 www
> postfix/smtpd[23438]: xsasl_dovecot_server_connect: Connecting Apr
> 18 15:05:25 www postfix/smtpd[23438]: warning: SASL: Connect to
> private/auth failed: Connection refused Apr 18 15:05:25 www
> postfix/smtpd[23438]: fatal: no SASL authentication mechanisms Apr
> 18 15:05:26 www postfix/master[26805]: warning: process
> /usr/lib/postfix/smtpd pid 23438 exit status 1 Apr 18 15:05:26 www
> postfix/master[26805]: warning: /usr/lib/postfix/smtpd: bad command
> startup -- throttling

while I connect through Thunderbird.
My mail system was working; I don't understand what happened all of a
sudden.
Regards

Gab
--
Key fingerprint = EB67 3CA1 6C61 EACE B705 4EC3 A28D E2DD 4C47 A4D9

Danny Horne

Apr 18, 2015, 10:02:33 AM


On 18/04/2015 2:08 pm, Krzs wrote:
> SMTPD does starttls
>
>> 220 2.0.0 Ready to start TLS

'Ready to start TLS' isn't the same as a running TLS connection, you've
shown no evidence of the key negotiation (if that's what it's called)
required to create the encrypted connection, and I don't believe you can
do this from a telnet session anyway.

This site helped me understand the process -

https://qmail.jms1.net/test-auth.shtml


Krzs

Apr 18, 2015, 10:36:29 AM

That's when I use openssl:

> :~$ openssl s_client -starttls smtp -crlf -connect
> 88.198.107.18:25 CONNECTED(00000003) depth=0 C = DE, ST = Berlin, L
> = Berlin, O = Frozenstar Communications, OU = SMTP, CN =
> smtp.frozenstar.info, emailAddress = admin[at]frozenstar.info
> verify error:num=18:self signed certificate verify return:1 depth=0
> C = DE, ST = Berlin, L = Berlin, O = Frozenstar Communications, OU
> = SMTP, CN = smtp.frozenstar.info, emailAddress =
> admin[at]frozenstar.info verify return:1 --- Certificate chain 0
> s:/C=DE/ST=Berlin/L=Berlin/O=Frozenstar
> Communications/OU=SMTP/CN=smtp.frozenstar.info/emailAddress=admin[at]f
rozenstar.info
>
>
i:/C=DE/ST=Berlin/L=Berlin/O=Frozenstar
Communications/OU=SMTP/CN=smtp.frozenstar.info/emailAddress=admin[at]fro
zenstar.info
> --- Server certificate -----BEGIN CERTIFICATE-----
> [...] -----END
> CERTIFICATE----- subject=/C=DE/ST=Berlin/L=Berlin/O=Frozenstar
> Communications/OU=SMTP/CN=smtp.frozenstar.info/emailAddress=admin[at]f
rozenstar.info
>
>
issuer=/C=DE/ST=Berlin/L=Berlin/O=Frozenstar
Communications/OU=SMTP/CN=smtp.frozenstar.info/emailAddress=admin[at]fro
zenstar.info
> --- No client certificate CA names sent --- SSL handshake has read
> 2706 bytes and written 466 bytes --- New, TLSv1/SSLv3, Cipher is
> ECDHE-RSA-AES256-GCM-SHA384 Server public key is 4096 bit Secure
> Renegotiation IS supported Compression: NONE Expansion: NONE
> SSL-Session: Protocol : TLSv1.2 Cipher :
> ECDHE-RSA-AES256-GCM-SHA384 Session-ID:
> DE1240991CE9AA59F9337E80106A4365343E4C76FB371E4BD9CD53B98D2A1BB0
> Session-ID-ctx: Master-Key:
> 55B8C0826A345F5BF08D9740D35305ED2C9699A03ED2B9C9B99620745B6742FD163CAB
0E0A7D8B9A80616FECBC9D3F71
>
>
Key-Arg : None
> PSK identity: None PSK identity hint: None SRP username: None TLS
> session ticket lifetime hint: 3600 (seconds) TLS session ticket:
> [...]
>
> Start Time: 1429367076 Timeout : 300 (sec) Verify return code: 18
> (self signed certificate) --- 250 DSN

This is instead by telnet:

> :~$ telnet smtp.frozenstar.info 25Trying 88.198.107.18... Connected
> to smtp.frozenstar.info. Escape character is '^]'. 220
> smtp.frozenstar.info ESMTP Postfix ehlo frozenstar.info
> 250-smtp.frozenstar.info 250-PIPELINING 250-SIZE 10240000 250-ETRN
> 250-STARTTLS 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN

AUTH is NOT on the list and logs say:

> postfix/smtpd[27162]: warning: hostname riseup.net does not resolve
> to address 199.58.81.144: Name or service not known Apr 18 16:26:51
> www postfix/smtpd[27162]: connect from unknown[199.58.81.144] Apr
> 18 16:26:53 www postfix/smtpd[27162]: Anonymous TLS connection
> established from unknown[199.58.81.144]: TLSv1.2 with cipher
> ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits) Apr 18 16:26:53 www
> dovecot: auth-worker(27188): mysql(127.0.0.1): Connected to
> database mailserver Apr 18 16:26:55 www postfix/smtpd[27162]:
> warning: unknown[199.58.81.144]: SASL PLAIN authentication failed:
> Apr 18 16:27:02 www postfix/smtpd[27162]: warning:
> unknown[199.58.81.144]: SASL LOGIN authentication failed:
> UGFzc3dvcmQ6

Connection to mysql seems to work but not the authentication

Regards
--
Key fingerprint = EB67 3CA1 6C61 EACE B705 4EC3 A28D E2DD 4C47 A4D9

Christian Kivalo

Apr 18, 2015, 10:43:45 AM
On 2015-04-18 15:08, Krzs wrote:

>> postfix/smtpd[23438]: xsasl_dovecot_server_connect: Connecting Apr
>> 18 15:05:25 www postfix/smtpd[23438]: warning: SASL: Connect to
>> private/auth failed: Connection refused Apr 18 15:05:25 www
>> postfix/smtpd[23438]: fatal: no SASL authentication mechanisms Apr
>> 18 15:05:26 www postfix/master[26805]: warning: process
>> /usr/lib/postfix/smtpd pid 23438 exit status 1 Apr 18 15:05:26 www
>> postfix/master[26805]: warning: /usr/lib/postfix/smtpd: bad command
>> startup -- throttling
You seem to have a local problem with the auth daemon that postfix
tries to connect to.
Is dovecot running, and does an auth socket exist at
$queue_directory/private/auth?
>
> while i connect through thunderbird.
> My mail system was working i don't understand what happened all of a
> sudden ,
> Regards
>
> Gab

-c

Krzs

Apr 18, 2015, 11:01:17 AM



On 18/04/2015 16:43, Christian Kivalo wrote:

> you seem to have a local problem with your auth daemon that
> postfix tries to connect to. is dovecot running and an auth socket
> exists at $queue_directory/private/auth?

Dovecot is up and running:

> tcp 0 0 0.0.0.0:110 0.0.0.0:*
> LISTEN 658/dovecot tcp 0 0 0.0.0.0:143
> 0.0.0.0:* LISTEN 658/dovecot tcp 0 0
> 0.0.0.0:4190 0.0.0.0:* LISTEN
> 658/dovecot tcp 0 0 0.0.0.0:993 0.0.0.0:*
> LISTEN 658/dovecot tcp 0 0 0.0.0.0:995
> 0.0.0.0:* LISTEN 658/dovecot

and file /etc/dovecot/conf.d/10-master.conf has proper:

> # Postfix smtp-auth unix_listener /var/spool/postfix/private/auth
> { mode = 0660 user = postfix group = postfix }

As also documented in
https://workaround.org/ispmail/wheezy/setting-up-dovecot

Regards


>> Gab
>


--
Key fingerprint = EB67 3CA1 6C61 EACE B705 4EC3 A28D E2DD 4C47 A4D9

Alex JOST

Apr 18, 2015, 12:37:51 PM
On 18.04.2015 at 16:35, Krzs wrote:
> That's while i use openssl:
>
>> :~$ openssl s_client -starttls smtp -crlf -connect
>> 88.198.107.18:25 CONNECTED(00000003) depth=0 C = DE, ST = Berlin, L
>> = Berlin, O = Frozenstar Communications, OU = SMTP, CN =
>> smtp.frozenstar.info, emailAddress = admin[at]frozenstar.info
>> verify error:num=18:self signed certificate verify return:1 depth=0
>> C = DE, ST = Berlin, L = Berlin, O = Frozenstar Communications, OU
>> = SMTP, CN = smtp.frozenstar.info, emailAddress =
>> admin[at]frozenstar.info verify return:1 --- Certificate chain 0
>> s:/C=DE/ST=Berlin/L=Berlin/O=Frozenstar
>> Communications/OU=SMTP/CN=smtp.frozenstar.info/emailAddress=admin[at]f
> rozenstar.info
[...]
>>
>> Start Time: 1429367076 Timeout : 300 (sec) Verify return code: 18
>> (self signed certificate) --- 250 DSN

If I issue the same command and continue with EHLO, AUTH is offered to me
but my credentials (obviously) get rejected. So far working as it should.
535 5.7.8 Error: authentication failed: UGFzc3dvcmQ6


> This is instead by telnet:
>
>> :~$ telnet smtp.frozenstar.info 25Trying 88.198.107.18... Connected
>> to smtp.frozenstar.info. Escape character is '^]'. 220
>> smtp.frozenstar.info ESMTP Postfix ehlo frozenstar.info
>> 250-smtp.frozenstar.info 250-PIPELINING 250-SIZE 10240000 250-ETRN
>> 250-STARTTLS 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN
>
> AUTH is NOT on the list and logs say:

That's because you told Postfix not to offer AUTH on unsecure connections.
smtpd_tls_auth_only = yes


To me it looks as if everything is working as it should. This might
simply be a Thunderbird misconfiguration.

--
Alex JOST
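
An added example (not from the thread or from Postfix): a Python check of the behaviour described above, where AUTH is withheld until TLS is up. It parses a client/server transcript and compares the EHLO capabilities before and after STARTTLS; the `C:`/`S:` transcript notation, the function names and the second sample server are assumptions of this example.

```python
import re

# Constructed transcripts ("C:" client, "S:" server). The first follows the
# telnet and mail-client sessions quoted in this thread; the second is a
# hypothetical server that also advertises AUTH before TLS.
AUTH_ONLY_AFTER_TLS = """\
S: 220 smtp.frozenstar.info ESMTP Postfix
C: EHLO localhost
S: 250-smtp.frozenstar.info
S: 250-PIPELINING
S: 250-SIZE 10240000
S: 250-ETRN
S: 250-STARTTLS
S: 250-ENHANCEDSTATUSCODES
S: 250-8BITMIME
S: 250 DSN
C: STARTTLS
S: 220 2.0.0 Ready to start TLS
C: EHLO localhost
S: 250-smtp.frozenstar.info
S: 250-PIPELINING
S: 250-SIZE 10240000
S: 250-ETRN
S: 250-AUTH PLAIN LOGIN
S: 250-AUTH=PLAIN LOGIN
S: 250-ENHANCEDSTATUSCODES
S: 250-8BITMIME
S: 250 DSN
"""

AUTH_IN_CLEARTEXT = """\
S: 220 mail.example.test ESMTP
C: EHLO localhost
S: 250-mail.example.test
S: 250-STARTTLS
S: 250 AUTH PLAIN LOGIN
"""


def parse_ehlo_reply(lines):
    """Turn the 250 lines of one EHLO reply into {KEYWORD: set(params)}."""
    caps = {}
    for text in lines[1:]:  # line 0 carries the server's own name
        keyword, _, params = re.sub(r"^250[- ]", "", text).partition(" ")
        # broken_sasl_auth_clients = yes adds the legacy "AUTH=PLAIN LOGIN" form
        if keyword.upper().startswith("AUTH="):
            params = keyword[5:] + " " + params
            keyword = "AUTH"
        caps.setdefault(keyword.upper(), set()).update(params.split())
    return caps


def capabilities_by_phase(transcript):
    """Return the last EHLO capabilities seen before and after STARTTLS."""
    phases = {"cleartext": None, "tls": None}
    phase, reply, starttls_sent = "cleartext", None, False
    for raw in transcript.splitlines():
        side, _, text = raw.partition(": ")
        if side == "C":
            verb = text.split(None, 1)[0].upper() if text.strip() else ""
            reply = [] if verb == "EHLO" else None
            starttls_sent = verb == "STARTTLS"
        elif side == "S":
            if starttls_sent and text.startswith("220"):
                phase, starttls_sent = "tls", False  # server agreed to start TLS
            elif reply is not None and text.startswith("250"):
                reply.append(text)
                if text.startswith("250 "):  # last line of a multi-line reply
                    phases[phase] = parse_ehlo_reply(reply)
                    reply = None
    return phases


def audit(transcript):
    """List deviations from 'offer STARTTLS, offer AUTH only once TLS is up'."""
    phases = capabilities_by_phase(transcript)
    clear, tls = phases["cleartext"] or {}, phases["tls"]
    findings = []
    if "STARTTLS" not in clear:
        findings.append("STARTTLS not offered")
    if "AUTH" in clear:
        findings.append("AUTH offered before TLS: " + " ".join(sorted(clear["AUTH"])))
    if tls is not None and "AUTH" not in tls:
        findings.append("AUTH not offered after STARTTLS")
    return findings


if __name__ == "__main__":
    for name in ("AUTH_ONLY_AFTER_TLS", "AUTH_IN_CLEARTEXT"):
        print(name, audit(globals()[name]) or "ok")
```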

Krzs

Apr 18, 2015, 2:31:39 PM



With Thunderbird and connection security SSL/TLS I get:

> www postfix/smtpd[11453]: warning: hostname anon.riseup.net does
> not resolve to address 199.58.81.144: Name or service not known www
> postfix/smtpd[11453]: connect from unknown[199.58.81.144] www
> postfix/smtpd[11453]: lost connection after UNKNOWN from
> unknown[199.58.81.144] www postfix/smtpd[11453]: disconnect from
> unknown[199.58.81.144] www dovecot: auth-worker(13211):
> mysql(127.0.0.1): Connected to database mailserver www dovecot:
> pop3-login: Login: user=<ad...@frozenstar.info>, method=PLAIN,
> rip=199.58.81.144, lip=88.198.107.18, mpid=13213, TLS,
> session=<yNqghgMUNQDHOlGQ> www dovecot:
> pop3(ad...@frozenstar.info): Disconnected: Logged out top=0/0,
> retr=0/0, del=0/10, size=41665

There is a DNS issue, to me. My actual postconf -n is:

> alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases
> append_dot_mydomain = no biff = no broken_sasl_auth_clients = yes
> config_directory = /etc/postfix delay_warning_time = 4h
> disable_dns_lookups = no disable_vrfy_command = yes
> dovecot_destination_recipient_limit = 1 inet_interfaces = all
> inet_protocols = all mailbox_size_limit = 0 mydestination =
> localhost.localdomain, localhost mydomain = frozenstar.info
> myhostname = smtp.$mydomain mynetworks = 127.0.0.1 mynetworks_style
> = host myorigin = $mydomain readme_directory = no
> recipient_delimiter = + relayhost = smtp_tls_cert_file =
> /etc/postfix/ssl/cert.pem smtp_tls_ciphers = export
> smtp_tls_key_file = /etc/postfix/ssl/key.pem
> smtp_tls_note_starttls_offer = yes smtp_tls_protocols = !SSLv2
> smtp_tls_security_level = may smtp_tls_session_cache_database =
> btree:${data_directory}/smtp_scache smtp_use_tls = yes smtpd_banner
> = $myhostname ESMTP $mail_name (DeadbyDawn) smtpd_delay_reject =
> yes smtpd_helo_required = yes smtpd_sasl_auth_enable = yes
> smtpd_sasl_authenticated_header = yes smtpd_sasl_local_domain =
> $mydomain smtpd_sasl_path = private/auth
> smtpd_sasl_security_options = noanonymous smtpd_sasl_type =
> dovecot smtpd_tls_ask_ccert = no smtpd_tls_auth_only = yes
> smtpd_tls_ccert_verifydepth = 0 smtpd_tls_cert_file =
> /etc/postfix/ssl/cert.pem smtpd_tls_key_file =
> /etc/postfix/ssl/key.pem smtpd_tls_loglevel = 1
> smtpd_tls_received_header = yes smtpd_tls_security_level = may
> smtpd_tls_session_cache_database =
> btree:${data_directory}/smtpd_scache smtpd_use_tls = yes
> tls_random_source = dev:/dev/urandom virtual_alias_maps =
> mysql:/etc/postfix/mysql-virtual-alias-maps.cf
> virtual_mailbox_domains =
> mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
> virtual_mailbox_maps =
> mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf virtual_transport
> = dovecot

By mutt which has in its own conf:

> set ssl_force_tls = yes set ssl_starttls = yes

I get relay access denied and the postfix logs say:

> Apr 18 20:16:48 www postfix/smtpd[23597]: warning: hostname
> anon.riseup.net does not resolve to address 199.58.81.144: Name or
> service not known Apr 18 20:16:48 www postfix/smtpd[23597]: connect
> from unknown[199.58.81.144] Apr 18 20:16:50 www
> postfix/smtpd[23597]: Anonymous TLS connection established from
> unknown[199.58.81.144]: TLSv1.2 with cipher DHE-RSA-AES128-SHA
> (128/128 bits) Apr 18 20:16:51 www dovecot: auth-worker(23645):
> mysql(127.0.0.1): Connected to database mailserver Apr 18 20:16:52
> www postfix/smtpd[23597]: NOQUEUE: reject: RCPT from
> unknown[199.58.81.144]: 554 5.7.1 <gabriele[at]riseup.net>: Relay
> access denied; from=<admin[at]frozenstar.info>
> to=<gabriele[at]riseup.net> proto=ESMTP
> helo=<xkrooked.frozenstar.tld> Apr 18 20:16:52 www
> postfix/smtpd[23597]: lost connection after RCPT from
> unknown[199.58.81.144] Apr 18 20:16:52 www postfix/smtpd[23597]:
> disconnect from unknown[199.58.81.144]

Claws mail client logs say:

> [20:25:22] SMTP< 220 smtp.frozenstar.info ESMTP Postfix [20:25:22]
> ESMTP> EHLO localhost [20:25:23] ESMTP< 250-smtp.frozenstar.info
> [20:25:23] ESMTP< 250-PIPELINING [20:25:23] ESMTP< 250-SIZE
> 10240000 [20:25:23] ESMTP< 250-ETRN [20:25:23] ESMTP< 250-STARTTLS
> [20:25:23] ESMTP< 250-ENHANCEDSTATUSCODES [20:25:23] ESMTP<
> 250-8BITMIME [20:25:23] ESMTP< 250 DSN [20:25:23] ESMTP> STARTTLS
> [20:25:23] ESMTP< 220 2.0.0 Ready to start TLS [20:25:27] ESMTP>
> EHLO localhost [20:25:27] ESMTP< 250-smtp.frozenstar.info
> [20:25:27] ESMTP< 250-PIPELINING [20:25:27] ESMTP< 250-SIZE
> 10240000 [20:25:27] ESMTP< 250-ETRN [20:25:27] ESMTP< 250-AUTH
> PLAIN LOGIN [20:25:27] ESMTP< 250-AUTH=PLAIN LOGIN [20:25:27]
> ESMTP< 250-ENHANCEDSTATUSCODES [20:25:27] ESMTP< 250-8BITMIME
> [20:25:27] ESMTP< 250 DSN [20:25:27] ESMTP> AUTH LOGIN [20:25:28]
> ESMTP< 334 VXNlcm5hbWU6 [20:25:28] ESMTP> [USERID] [20:25:28]
> ESMTP< 334 UGFzc3dvcmQ6 [20:25:28] ESMTP> [PASSWORD] [20:25:28]
> ESMTP< 235 2.7.0 Authentication successful [20:25:28] ESMTP> MAIL
> FROM:<admin[at]frozenstar.info> SIZE=365 [20:25:28] SMTP< 250 2.1.0
> Ok [20:25:28] SMTP> RCPT TO:<gabriele[at]riseup.net> [20:25:29]
> SMTP< 554 5.7.1 <gabriele[at]riseup.net>: Relay access denied

To me it is definitely a DNS issue. I have commented out security
restrictions in postfix; that's how I explain the "relay access denied"

Regards
--
Key fingerprint = EB67 3CA1 6C61 EACE B705 4EC3 A28D E2DD 4C47 A4D9

Noel Jones

Apr 18, 2015, 3:19:27 PM

On 4/18/2015 1:31 PM, Krzs wrote:
>
>
> On 18/04/2015 18:36, Alex JOST wrote:
>> On 18.04.2015 at 16:35, Krzs wrote:
>
>> To me it looks as if everything is working as it should.
>> This might simply be a Thunderbird misconfiguration.
>
>
> By thunderbird and connection security SSL/TLS i get:
>
>> www postfix/smtpd[11453]: warning: hostname anon.riseup.net
>> does not resolve to address 199.58.81.144: Name or service
>> not known www postfix/smtpd[11453]: connect from
>> unknown[199.58.81.144] www postfix/smtpd[11453]: lost
>> connection after UNKNOWN from

The "lost connection after UNKNOWN" is because your thunderbird is
using wrappermode TLS, commonly used on port 465. You need to set
tbird for "STARTTLS".

>
> There is a dns issue

Yes, but that isn't the problem.

> to me my actual postconf -n is:

Unreadable, I'm not even going to try.

>
>> alias_database = hash:/etc/aliases alias_maps =
>> hash:/etc/aliases append_dot_mydomain = no biff = no
>> broken_sasl_auth_clients = yes config_directory =
>> /etc/postfix delay_warning_time = 4h disable_dns_lookups = no
>> disable_vrfy_command = yes
>> dovecot_destination_recipient_limit = 1 inet_interfaces = all
>> inet_protocols = all mailbox_size_limit = 0 mydestination =
>> localhost.localdomain, localhost mydomain = frozenstar.info
>
> By mutt which has in its own conf:
>
>> set ssl_force_tls = yes set ssl_starttls = yes
>
> i get relay access denied and postfix logs say:
>
>> Apr 18 20:16:48 www postfix/smtpd[23597]: warning: hostname
>> anon.riseup.net does not resolve to address 199.58.81.144:
>> Name or service not known Apr 18 20:16:48 www
>> postfix/smtpd[23597]: connect from unknown[199.58.81.144] Apr
>> 18 20:16:50 www postfix/smtpd[23597]: Anonymous TLS
>> connection established from unknown[199.58.81.144]: TLSv1.2
>> with cipher DHE-RSA-AES128-SHA (128/128 bits) Apr 18 20:16:51
>> www dovecot: auth-worker(23645):

Good, TLS connection to postfix works when the client is
configured for STARTTLS.

>> mysql(127.0.0.1): Connected to database mailserver Apr 18
>> 20:16:52 www postfix/smtpd[23597]: NOQUEUE: reject: RCPT
>> from unknown[199.58.81.144]: 554 5.7.1
>> <gabriele[at]riseup.net>: Relay access denied;
>> from=<admin[at]frozenstar.info>

But the client never sent an AUTH command to postfix; if it had,
it would be logged. Relay access is denied because the client did
not AUTH.


>> to=<gabriele[at]riseup.net> proto=ESMTP
>> helo=<xkrooked.frozenstar.tld> Apr 18 20:16:52 www
>> postfix/smtpd[23597]: lost connection after RCPT from
>> unknown[199.58.81.144] Apr 18 20:16:52 www
>> postfix/smtpd[23597]: disconnect from unknown[199.58.81.144]
>
> Claws mail client logs say:

Unreadable, but this is shorter, so I'll try:

>
>> [20:25:22] SMTP< 220 smtp.frozenstar.info ESMTP Postfix
>> [20:25:22] ESMTP> EHLO localhost [20:25:23] ESMTP<
>> 250-smtp.frozenstar.info [20:25:23] ESMTP< 250-PIPELINING
>> [20:25:23] ESMTP< 250-SIZE 10240000 [20:25:23] ESMTP<
>> 250-ETRN [20:25:23] ESMTP< 250-STARTTLS [20:25:23] ESMTP<
>> 250-ENHANCEDSTATUSCODES [20:25:23] ESMTP< 250-8BITMIME
>> [20:25:23] ESMTP< 250 DSN [20:25:23] ESMTP> STARTTLS
>> [20:25:23] ESMTP< 220 2.0.0 Ready to start TLS [20:25:27]
>> ESMTP>

STARTTLS issued, TLS connection established.

>> EHLO localhost [20:25:27] ESMTP< 250-smtp.frozenstar.info
>> [20:25:27] ESMTP< 250-PIPELINING [20:25:27] ESMTP< 250-SIZE
>> 10240000 [20:25:27] ESMTP< 250-ETRN [20:25:27] ESMTP<
>> 250-AUTH PLAIN LOGIN [20:25:27] ESMTP< 250-AUTH=PLAIN LOGIN
>> [20:25:27] ESMTP< 250-ENHANCEDSTATUSCODES [20:25:27] ESMTP<
>> 250-8BITMIME [20:25:27] ESMTP< 250 DSN [20:25:27] ESMTP> AUTH
>> LOGIN [20:25:28] ESMTP< 334 VXNlcm5hbWU6 [20:25:28] ESMTP>
>> [USERID] [20:25:28] ESMTP< 334 UGFzc3dvcmQ6 [20:25:28] ESMTP>
>> [PASSWORD] [20:25:28] ESMTP< 235 2.7.0 Authentication
>> successful [20:25:28] ESMTP> MAIL

This time apparently the AUTH worked. Postfix would have logged a
similar auth successful line.

>> FROM:<admin[at]frozenstar.info> SIZE=365 [20:25:28] SMTP< 250
>> 2.1.0 Ok [20:25:28] SMTP> RCPT TO:<gabriele[at]riseup.net>
>> [20:25:29] SMTP< 554 5.7.1 <gabriele[at]riseup.net>: Relay
>> access denied

But relay is still denied. Probably because you forgot to add
"permit_sasl_authenticated" to your postfix restrictions, or added
it in the wrong place. Posting a readable "postconf -n" will
probably help.


>
> To me is definitely a dns issue

No, nothing to do with DNS.

> i have commented out security restrictions in postfix that's
> how i explain the "relay access denied"

Ah, and that's why you get relay access denied.


>
> Regards
>




-- Noel Jones

---
This email has been checked for viruses by Avast antivirus software.
http://www.avast.com
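
The diagnoses given across this thread, collected into an added Python example that is not part of the original messages: it groups Postfix smtpd log lines into sessions and tags each with the failure pattern the replies identified. The sample log is constructed from lines quoted in the thread (addresses replaced with example domains), and treating `sasl_username=` as the marker of a successful AUTH is an assumption of this example.

```python
import re

# Constructed sample: three smtpd sessions built from log lines quoted in
# this thread, with mail addresses replaced by example domains.
SAMPLE_LOG = """\
Apr 18 15:05:25 www postfix/smtpd[23438]: warning: SASL: Connect to private/auth failed: Connection refused
Apr 18 15:05:25 www postfix/smtpd[23438]: fatal: no SASL authentication mechanisms
Apr 18 20:10:01 www postfix/smtpd[11453]: warning: hostname anon.riseup.net does not resolve to address 199.58.81.144: Name or service not known
Apr 18 20:10:01 www postfix/smtpd[11453]: connect from unknown[199.58.81.144]
Apr 18 20:10:01 www postfix/smtpd[11453]: lost connection after UNKNOWN from unknown[199.58.81.144]
Apr 18 20:10:01 www postfix/smtpd[11453]: disconnect from unknown[199.58.81.144]
Apr 18 20:16:48 www postfix/smtpd[23597]: warning: hostname anon.riseup.net does not resolve to address 199.58.81.144: Name or service not known
Apr 18 20:16:48 www postfix/smtpd[23597]: connect from unknown[199.58.81.144]
Apr 18 20:16:50 www postfix/smtpd[23597]: Anonymous TLS connection established from unknown[199.58.81.144]: TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)
Apr 18 20:16:52 www postfix/smtpd[23597]: NOQUEUE: reject: RCPT from unknown[199.58.81.144]: 554 5.7.1 <user@example.net>: Relay access denied; from=<admin@example.org> to=<user@example.net> proto=ESMTP helo=<client.example>
Apr 18 20:16:52 www postfix/smtpd[23597]: lost connection after RCPT from unknown[199.58.81.144]
Apr 18 20:16:52 www postfix/smtpd[23597]: disconnect from unknown[199.58.81.144]
"""

LINE_RE = re.compile(r"postfix/smtpd\[(?P<pid>\d+)\]: (?P<msg>.*)$")

# Tag -> pattern, in the order the tags are reported.
RULES = [
    ("rdns-mismatch", re.compile(r"hostname \S+ does not resolve to address")),
    ("auth-backend-unreachable", re.compile(r"SASL: Connect to \S+ failed")),
    ("tls-wrapper-on-starttls-port", re.compile(r"lost connection after UNKNOWN")),
    ("sasl-auth-failed", re.compile(r"SASL \w+ authentication failed")),
]

# What the replies in this thread said about each pattern.
HINTS = {
    "rdns-mismatch": "client reverse DNS warning; not the cause of the failures",
    "auth-backend-unreachable": "check that dovecot's auth socket exists at $queue_directory/private/auth",
    "tls-wrapper-on-starttls-port": "client speaks wrappermode TLS; set it to STARTTLS",
    "sasl-auth-failed": "AUTH was attempted and rejected",
    "relay-denied-no-auth": "client never sent AUTH, so relaying is refused",
    "relay-denied-authenticated": "check where permit_sasl_authenticated sits in the restrictions",
}


def classify(msgs):
    """Return the tags that apply to one session's messages."""
    text = "\n".join(msgs)
    tags = [tag for tag, rx in RULES if rx.search(text)]
    if "Relay access denied" in text:
        # Assumption: a successful AUTH shows up as sasl_username= in the log.
        authed = "sasl_username=" in text
        tags.append("relay-denied-authenticated" if authed else "relay-denied-no-auth")
    return tags


def triage(log_text):
    """Return [(pid, [tags])] per smtpd session, in the order sessions end."""
    open_sessions = {}  # pid -> messages of the session in progress
    finished = []
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue  # dovecot and other daemons are ignored here
        pid, msg = m.group("pid"), m.group("msg")
        open_sessions.setdefault(pid, []).append(msg)
        if msg.startswith(("disconnect from", "fatal:")):
            finished.append((pid, open_sessions.pop(pid)))
    finished.extend(open_sessions.items())  # sessions cut off by the log window
    return [(pid, classify(msgs)) for pid, msgs in finished]


if __name__ == "__main__":
    for pid, tags in triage(SAMPLE_LOG):
        for tag in tags:
            print(f"smtpd[{pid}] {tag}: {HINTS[tag]}")
```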

Krzs

Apr 18, 2015, 3:31:10 PM

On 18/04/2015 21:19, Noel Jones wrote:
> On 4/18/2015 1:31 PM, Krzs wrote:
>

> But relay is still denied. Probably because you forgot to add
> "permit_sasl_authenticated" to your postfix restrictions, or added
> it in the wrong place. Posting a readable "postconf -n" will
> probably help.
>
>
>
>> To me is definitely a dns issue
>
> No, nothing to do with DNS.
>
>> i have commented out security restrictions in postfix that's how
>> i explain the "relay access denied"
>
> Ah, and that's why you get relay access denied.

I have put back the security restrictions and also corrected
smtp_host_lookup, which was set to native instead of dns, and I got over
the issue. Thanks everybody.

Regards

Gab

--
Key fingerprint = EB67 3CA1 6C61 EACE B705 4EC3 A28D E2DD 4C47 A4D9
