dovecot warns (non-fatal) "invalid EHLO response line: Unexpected character in EHLO keyword" connecting to submission relay ?
I'm setting up an alternative submission relay host for dovecot. Atm, it's pointing @ fastmail.com.
with dovecot config,
submission_relay_host = smtp.fastmail.com
submission_relay_port = 465
submission_relay_ssl = smtps
submission_relay_ssl_verify = no
submission_relay_trusted = yes
submission_relay_user = 'acctID@mydomain.com'
submission_relay_password = 'acctPWD'submission relay via dovecot proxy works as expected -- mail's delivered/received by intended recipient.
in local dovecot logs I notice
==> /var/log/dovecot/dovecot.log <==
2020-09-24 16:22:19 submission(recipient@example.com)<xxxxxxxxxxxxxxxx>: Warning: smtp-client: conn smtp.fastmail.com:465 (66.111.4.140:465) [1]: Received invalid EHLO response line: Unexpected character in EHLO keywordat debug level
==> /var/log/dovecot/dovecot-debug.log <==
2020-09-24 16:22:19 submission(recipient@example.com)<xxxxxxxxxxxxxxxx>: Debug: smtp-client: conn smtp.fastmail.com:465 (66.111.4.140:465) [1]: command EHLO: Got reply (1/1): 250 mail.messagingengine.com PIPELINING SIZE 73000000 AUTH DIGEST-MD5 CRAM-MD5 NTLM LOGIN PLAIN AUTH=DIGEST-MD5 CRAM-MD5 NTLM LOGIN PLAIN ENHANCEDSTATUSCODES 8BITMIME (1 commands pending, 0 commands queued)it's clearly non-fatal, simply a warning.
i certainly do _not_ see this with every relay host, so suspect it's unique to fastmail's EHLO response. at least within the set of hosts I've tested.
i'd like to find/fix it ... either at my dovecot instance, or @ fastmail.
what's specifically invalid about
250 mail.messagingengine.com PIPELINING SIZE 73000000 AUTH DIGEST-MD5 CRAM-MD5 NTLM LOGIN PLAIN AUTH=DIGEST-MD5 CRAM-MD5 NTLM LOGIN PLAIN ENHANCEDSTATUSCODES 8BITMIMEby dovecot's 'measure'?
On Friday 25 September 2020 12:56:50, PGNet Dev wrote:
I'm setting up an alternative submission relay host for dovecot. Atm, it's pointing @ fastmail.com.
with dovecot config,
submission_relay_host = smtp.fastmail.com submission_relay_port = 465 submission_relay_ssl = smtps submission_relay_ssl_verify = no submission_relay_trusted = yes submission_relay_user = 'acctID@mydomain.com' submission_relay_password = 'acctPWD'
submission relay via dovecot proxy works as expected -- mail's delivered/received by intended recipient.
in local dovecot logs I notice
==> /var/log/dovecot/dovecot.log <== 2020-09-24 16:22:19 submission(recipient@example.com)<xxxxxxxxxxxxxxxx>: Warning: smtp-client: conn smtp.fastmail.com:465 (66.111.4.140:465) [1]: Received invalid EHLO response line: Unexpected character in EHLO keyword
at debug level
==> /var/log/dovecot/dovecot-debug.log <== 2020-09-24 16:22:19 submission(recipient@example.com)<xxxxxxxxxxxxxxxx>: Debug: smtp-client: conn smtp.fastmail.com:465 (66.111.4.140:465) [1]: command EHLO: Got reply (1/1): 250 mail.messagingengine.com PIPELINING SIZE 73000000 AUTH DIGEST-MD5 CRAM-MD5 NTLM LOGIN PLAIN AUTH=DIGEST-MD5 CRAM-MD5 NTLM LOGIN PLAIN ENHANCEDSTATUSCODES 8BITMIME (1 commands pending, 0 commands queued)
it's clearly non-fatal, simply a warning.
i certainly do _not_ see this with every relay host, so suspect it's unique to fastmail's EHLO response. at least within the set of hosts I've tested.
i'd like to find/fix it ... either at my dovecot instance, or @ fastmail.
what's specifically invalid about
250 mail.messagingengine.com PIPELINING SIZE 73000000 AUTH DIGEST-MD5 CRAM-MD5 NTLM LOGIN PLAIN AUTH=DIGEST-MD5 CRAM-MD5 NTLM LOGIN PLAIN ENHANCEDSTATUSCODES 8BITMIME
by dovecot's 'measure'?
The "=" in AUTH=PLAIN.
See: https://dovecot.org/pipermail/dovecot/2020-September/119854.html
$ openssl s_client -connect smtp.fastmail.com:465
...
220 smtp.fastmail.com ESMTP ready
ehlo asdf
250-smtp.fastmail.com
250-PIPELINING
250-SIZE 71000000
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-AUTH PLAIN LOGIN
250 AUTH=PLAIN LOGINThanks, Alec
On 9/26/20 6:45 AM, Alec Moskvin wrote:
what's specifically invalid about
250 mail.messagingengine.com PIPELINING SIZE 73000000 AUTH DIGEST-MD5 CRAM-MD5 NTLM LOGIN PLAIN AUTH=DIGEST-MD5 CRAM-MD5 NTLM LOGIN PLAIN ENHANCEDSTATUSCODES 8BITMIME
by dovecot's 'measure'?
The "=" in AUTH=PLAIN.
See: https://dovecot.org/pipermail/dovecot/2020-September/119854.html
$ openssl s_client -connect smtp.fastmail.com:465 ... 220 smtp.fastmail.com ESMTP ready ehlo asdf 250-smtp.fastmail.com 250-PIPELINING 250-SIZE 71000000 250-ENHANCEDSTATUSCODES 250-8BITMIME 250-AUTH PLAIN LOGIN 250 AUTH=PLAIN LOGIN
ah! I'll take it up with fastmail. thx!
On 26 Sep 2020, at 07:45, Alec Moskvin alecm@gmx.com wrote:
250-AUTH PLAIN LOGIN 250 AUTH=PLAIN LOGIN
I believe this is not really an issue. The warning is just that, a warning. Some (broken) mail clients, Immagonnaguess Microsoft ones, expected the =, so many mail servers provide it.
AFAIK, It is safe to ignore the warning.
Ah, yes, I think this is it? (At least for Postfix)
http://www.postfix.org/SASL_README.html
broken_sasl_auth_clients (default: no) Enable interoperability with remote SMTP clients that implement an obsolete version of the AUTH command (RFC 4954). Examples of such clients are MicroSoft Outlook Express version 4 and MicroSoft Exchange version 5.0.
Specify "broken_sasl_auth_clients = yes" to have Postfix advertise AUTH support in a non-standard way.
It is probably safe for anyone to disable that, however, as I don't think those old versions support modern TLS.
-- showing snuffy is when Sesame Street jumped the shark
participants (3)
-
@lbutlr
-
Alec Moskvin
-
PGNet Dev