From: Victor Duchovni on
On Mon, Apr 26, 2010 at 10:14:59AM -0700, mohamad rahimi wrote:

> I am not sure this is what you want.

This is exactly it. Much better, thanks.

> Trying 130.83.159.162...
> Connected to mx.theo.chemie.tu-darmstadt.de.
> Escape character is '^]'.
> 220 mx.theo.chemie.tu-darmstadt.de ESMTP Postfix
> ehlo testing
> 250-mx.theo.chemie.tu-darmstadt.de
> 250-PIPELINING
> 250-SIZE 20480000
> 250-VRFY
> 250-ETRN
> 250-STARTTLS
> 250-AUTH LOGIN PLAIN
> 250-AUTH=LOGIN PLAIN
> 250-ENHANCEDSTATUSCODES
> 250-8BITMIME
> 250 DSN

These are NOT "secure" authentication mechanisms, just "PLAIN" and
"LOGIN", which you turned off in Thunderbird. I frankly don't believe
you when you say that you used to support other mechanisms. The solution
is to NOT tell Thunderbird to only use "Secure" authentication mechanisms.

If you want to protect "PLAIN" from snooping, use TLS to encrypt
the channel. Don't confuse SSL sessions with "secure authentication"
(i.e. GSSAPI or CRAM-MD5, ...)

> AUTH PLAIN AHRlc3QAdGVzdHBhc3M=
> 535 5.7.0 Error: authentication failed: authentication failure

$ echo AHRlc3QAdGVzdHBhc3M= | openssl base64 -d | od -c
0000000 \0 t e s t \0 t e s t p a s s
0000016

Good, the user "test" with a password of "testpass" does not work.
Your system does not have an insecure "test" account with that
password.

> and these are the last two lines of /var/log/mail
>
> Apr 26 19:04:43 bromma postfix/smtpd[27517]: warning: SASL authentication failure: Password verification failed
> Apr 26 19:04:43 bromma postfix/smtpd[27517]: warning: unknown[10.0.0.172]: SASL PLAIN authentication failed: authentication failure

As expected.

--
Viktor.

P.S. Morgan Stanley is looking for a New York City based, Senior Unix
system/email administrator to architect and sustain our perimeter email
environment. If you are interested, please drop me a note.
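
Added example (not part of the original message, and not Postfix or Thunderbird code): Python that repeats the two checks made in the reply above, listing which advertised AUTH mechanisms send the password merely base64-encoded and decoding an AUTH PLAIN initial response. The names audit_ehlo and decode_auth_plain are assumptions of this example; the sample input is the EHLO reply quoted in the message.

```python
import base64

# Mechanisms that send the password itself, merely base64-encoded.
PLAINTEXT_MECHS = {"PLAIN", "LOGIN"}

# Sample input: the EHLO reply quoted in the message above.
SAMPLE_EHLO = """\
250-mx.theo.chemie.tu-darmstadt.de
250-PIPELINING
250-SIZE 20480000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
"""

def audit_ehlo(reply):
    """Return (starttls_offered, plaintext_mechs, other_mechs) for an EHLO reply."""
    starttls, mechs = False, set()
    for line in reply.splitlines():
        if not line.startswith("250") or len(line) < 5:
            continue
        keyword = line[4:].strip().upper()
        if keyword == "STARTTLS":
            starttls = True
        elif keyword.startswith(("AUTH ", "AUTH=")):  # "AUTH=" is the legacy form
            mechs.update(keyword[5:].split())
    plaintext = sorted(mechs & PLAINTEXT_MECHS)
    other = sorted(mechs - PLAINTEXT_MECHS)
    return starttls, plaintext, other

def decode_auth_plain(b64):
    """Decode an AUTH PLAIN initial response: authzid NUL authcid NUL passwd."""
    parts = base64.b64decode(b64, validate=True).split(b"\0")
    if len(parts) != 3:
        raise ValueError("not a PLAIN message (expected two NUL separators)")
    return tuple(p.decode("utf-8") for p in parts)

if __name__ == "__main__":
    print(audit_ehlo(SAMPLE_EHLO))
    print(decode_auth_plain("AHRlc3QAdGVzdHBhc3M="))
```

For the quoted server the third element is empty: only PLAIN and LOGIN are offered, so the password is protected only if the client negotiates STARTTLS before AUTH.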