Authentication problem with Thunderbird
in [Postfix]
|
From: Noel Jones on 25 Apr 2010 16:45 On 4/25/2010 2:05 PM, mohamad rahimi wrote: > > > ------------------------------------------------------------------------ > *From:* Victor Duchovni <Victor.Duchovni(a)morganstanley.com> > *To:* postfix-users(a)postfix.org > *Sent:* Sun, April 25, 2010 8:17:11 PM > *Subject:* Re: Authentication problem with Thunderbird > > On Sun, Apr 25, 2010 at 10:18:57AM -0700, mohamad rahimi wrote: > > > >> "Unable to authentication to SMTP server mx.mydomain. The server > does not > > > >support any compatible secure authentication mechanism but you > have chosen > > > >secure authentication. Try switching off secure authentication." > > > > >"Secure Authentication" means no plaintext passwords, i.e. GSSAPI, > > >CRAM-MD5, ... Are you sure you have support for mechanisms other than > > >"PLAIN"? If not, don't tell Thunderbird to try and use them... > > > >> I am sure our mail server had the mechanisms for Secure Authentication. > > >What do you mean when you say this? Which non-plaintext SASL mechanisms > >does your server support, and how? > > >> my question is that how can I understand that now our mail server > >> support this mechanisms and how can I run this. > > >The above sentence does not make sense in English I am afraid. :-( > > Sorry for inconvenient in my explanation. In my first email I told that > this problem happened after restart the firewall and mail server before > that I did not have this problem and it means Secure Authentication > mechanisms worked. > I don't know Which non-plaintext or plaintext SASL mechanisms my server > support. > how can I find out? > Instructions for testing your server, which includes displaying mechanisms offered, can be found here: http://www.postfix.org/SASL_README.html#server_test Note: if you configured your server to offer different mechanisms to an encrypted connection, test with openssl rather than telnet: % openssl s_client -connect server.example.com:25 -starttls smtp
From: mohamad rahimi on 26 Apr 2010 05:57 ________________________________ From: Noel Jones <njones(a)megan.vbhcs.org> To: postfix-users(a)postfix.org Sent: Sun, April 25, 2010 10:45:35 PM Subject: Re: Authentication problem with Thunderbird On 4/25/2010 2:05 PM, mohamad rahimi wrote: > > > ------------------------------------------------------------------------ > *From:* Victor Duchovni <Victor.Duchovni(a)morganstanley.com> > *To:* postfix-users(a)postfix.org > *Sent:* Sun, April 25, 2010 8:17:11 PM > *Subject:* Re: Authentication problem with Thunderbird > > On Sun, Apr 25, 2010 at 10:18:57AM -0700, mohamad rahimi wrote: > > > >> "Unable to authentication to SMTP server mx.mydomain. The server > does not > > > >support any compatible secure authentication mechanism but you > have chosen > > > >secure authentication. Try switching off secure authentication." > > > > >"Secure Authentication" means no plaintext passwords, i.e. GSSAPI, > > >CRAM-MD5, ... Are you sure you have support for mechanisms other than > > >"PLAIN"? If not, don't tell Thunderbird to try and use them... > > > >> I am sure our mail server had the mechanisms for Secure Authentication. > > >What do you mean when you say this? Which non-plaintext SASL mechanisms > >does your server support, and how? > > >> my question is that how can I understand that now our mail server > >> support this mechanisms and how can I run this. > > >The above sentence does not make sense in English I am afraid. :-( > > Sorry for inconvenient in my explanation. In my first email I told that > this problem happened after restart the firewall and mail server before > that I did not have this problem and it means Secure Authentication > mechanisms worked. > I don't know Which non-plaintext or plaintext SASL mechanisms my server > support. > how can I find out? > >Instructions for testing your server, which includes >displaying mechanisms offered, can be found here: >http://www.postfix.org/SASL_README.html#server_test >Note: if you configured your server to offer different >mechanisms to an encrypted connection, test with openssl >rather than telnet: >% openssl s_client -connect server.example.com:25 -starttls smtp I tested authentication with telnet and openssl and I received this error " 535 5.7.0 Error: authentication failed: authentication failure" what should I do?
From: Noel Jones on 26 Apr 2010 08:14 On 4/26/2010 4:57 AM, mohamad rahimi wrote: > *From:* Noel Jones <njones(a)megan.vbhcs.org> > >Instructions for testing your server, which includes > >displaying mechanisms offered, can be found here: >>http://www.postfix.org/SASL_README.html#server_test > > >Note: if you configured your server to offer different > >mechanisms to an encrypted connection, test with openssl > >rather than telnet: > >% openssl s_client -connect server.example.com:25 -starttls smtp > > I tested authentication with telnet and openssl and I received this > error " 535 5.7.0 Error: authentication failed: authentication failure" > what should I do? Start here: http://www.postfix.org/DEBUG_README.html and here: http://www.postfix.org/SASL_README.html The first thing is to check your postfix logs for errors and warnings. Often these will tell you exactly what the problem is. http://www.postfix.org/DEBUG_README.html#logging If this problem started after a reboot, an obvious thing is to make sure all the services related to your sasl started. If you need further help from the list, please see: http://www.postfix.org/DEBUG_README.html#mail -- Noel Jones
From: Victor Duchovni on 26 Apr 2010 10:25 On Mon, Apr 26, 2010 at 02:57:59AM -0700, mohamad rahimi wrote: > I tested authentication with telnet and openssl and I received this error " 535 5.7.0 Error: authentication failed: authentication failure" > what should I do? You should tell the whole joke, not just the punch-line (last line of the joke). Your problem description is missing ALL the key details, it is of no use at all. - Post the unedited server responses from the moment you connected (show the 220 banner) until you got the server's list of SASL mechanisms. - Post the server logs related to the transaction. - Do not post your attempt to manually login with SASL, especially with non-plaintext mechanisms (GSSAPI, CRAM-MD5, ...) you simply won't be able to mimic the protocol by hand. I am not at all suprised that you could not SASL authenticate via telnet. -- Viktor. P.S. Morgan Stanley is looking for a New York City based, Senior Unix system/email administrator to architect and sustain our perimeter email environment. If you are interested, please drop me a note.
From: mohamad rahimi on 26 Apr 2010 13:14 ________________________________ From: Victor Duchovni <Victor.Duchovni(a)morganstanley.com> To: postfix-users(a)postfix.org Sent: Mon, April 26, 2010 4:25:47 PM Subject: Re: Authentication problem with Thunderbird On Mon, Apr 26, 2010 at 02:57:59AM -0700, mohamad rahimi wrote: > I tested authentication with telnet and openssl and I received this error " 535 5.7.0 Error: authentication failed: authentication failure" > what should I do? You should tell the whole joke, not just the punch-line (last line of the joke). Your problem description is missing ALL the key details, it is of no use at all. - Post the unedited server responses from the moment you connected (show the 220 banner) until you got the server's list of SASL mechanisms. - Post the server logs related to the transaction. - Do not post your attempt to manually login with SASL, especially with non-plaintext mechanisms (GSSAPI, CRAM-MD5, ...) you simply won't be able to mimic the protocol by hand. I am not at all suprised that you could not SASL authenticate via telnet. !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! sorry for inconvenient because I just start to work with postfix. I am not sure this is what you want. Trying 130.83.159.162... Connected to mx.theo.chemie.tu-darmstadt.de. Escape character is '^]'. 220 mx.theo.chemie.tu-darmstadt.de ESMTP Postfix ehlo testing 250-mx.theo.chemie.tu-darmstadt.de 250-PIPELINING 250-SIZE 20480000 250-VRFY 250-ETRN 250-STARTTLS 250-AUTH LOGIN PLAIN 250-AUTH=LOGIN PLAIN 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN AUTH PLAIN AHRlc3QAdGVzdHBhc3M= 535 5.7.0 Error: authentication failed: authentication failure and this is the two last line of /var/log/mail Apr 26 19:04:43 bromma postfix/smtpd[27517]: warning: SASL authentication failure: Password verification failed Apr 26 19:04:43 bromma postfix/smtpd[27517]: warning: unknown[10.0.0.172]: SASL PLAIN authentication failed: authentication failure thanks
First
|
Prev
|
Next
|
Last
Pages: 1 2 3 Prev: virtual_alias_domains question Next: Newbie: virtual alias problem |