At my company we've had a longstanding problem of not being able to send email from devices outside of our internal network and any specific IP address that we open the relay to. As it turns out, SASL has never been set up. I need to set up SASL ASAP but none of the guides I've found seem to work. This is the latest guide I tried: http://wiki2.dovecot.org/HowTo/PostfixAndDovecotSASL I did everything on here minus the last part because it's on the same server.
Also, instead of submission inet n - - - - smtpd I did: 127.0.0.1:1025 inet n - - - - smtpd
After all is done, however, I'm unable to send any mail. Thunderbird just says sending message but doesn't send and I don't even get an error. I end up having to disable SASL again before I can send mail.
Dovecot version 2.0.9 Postfix version 2.6.6 CentOS 6 I have Postfix, Dovecot, and ASSP on the same server.
Thanks everyone.
-- This email was Virus checked by Astaro Security Gateway. http://www.sophos.com
On 10/21/2014 8:40 AM, Brian bstringfellow@bobcad.com wrote:
Also, instead of submission inet n - - - - smtpd I did: 127.0.0.1:1025 inet n - - - - smtpd
After all is done, however, I'm unable to send any mail.
No surprise there.
You *must* use the submission port if you want it to work.
Not sure why you thought otherwise.
Am 21.10.2014 um 14:45 schrieb Charles Marcus:
On 10/21/2014 8:40 AM, Brian bstringfellow@bobcad.com wrote:
Also, instead of submission inet n - - - - smtpd I did: 127.0.0.1:1025 inet n - - - - smtpd
After all is done, however, I'm unable to send any mail.
No surprise there.
You *must* use the submission port if you want it to work. Not sure why you thought otherwise.
no, you can use any port you want if you configure the client on the same one - but it must not only listen on 127.0.0.1
not postfix nor the client are interested in a specific port, that's why we have 587 *and* 588, 588 only opened for specific client IP's with other rate-limits
On 10/21/2014 8:49 AM, Reindl Harald h.reindl@thelounge.net wrote:
Am 21.10.2014 um 14:45 schrieb Charles Marcus:
On 10/21/2014 8:40 AM, Brian bstringfellow@bobcad.com wrote:
Also, instead of submission inet n - - - - smtpd I did: 127.0.0.1:1025 inet n - - - - smtpd
After all is done, however, I'm unable to send any mail. No surprise there.
You *must* use the submission port if you want it to work. Not sure why you thought otherwise. no, you can use any port you want if you configure the client on the same one - but it must not only listen on 127.0.0.1
That was obviously my point.
Am 21.10.2014 um 14:40 schrieb Brian:
At my company we've had a longstanding problem of not being able to send email from devices outside of our internal network and any specific IP address that we open the relay to. As it turns out, SASL has never been set up. I need to set up SASL ASAP but none of the guides I've found seem to work. This is the latest guide I tried: http://wiki2.dovecot.org/HowTo/PostfixAndDovecotSASL I did everything on here minus the last part because it's on the same server.
don't pretend - "postconf -n" and "dovecot -n"
# dovecot service auth { unix_listener /var/spool/postfix/private/auth { mode = 0660 user = postfix group = postfix } }
# postfix smtpd_sasl_auth_enable = yes smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth
Also, instead of submission inet n - - - - smtpd I did: 127.0.0.1:1025 inet n - - - - smtpd
that is complete nonsense
- 1025 is not a standard port
- the port only listens on localhost
- no way to connect from outside
After all is done, however, I'm unable to send any mail. Thunderbird just says sending message but doesn't send and I don't even get an error. I end up having to disable SASL again before I can send mail.
because most likely 1025 is not opened in the firewall and even if since you misconfigured the server it could not connect
Dovecot version 2.0.9 Postfix version 2.6.6 CentOS 6 I have Postfix, Dovecot, and ASSP on the same server
On 2014-10-21 07:40, Brian wrote:
At my company we've had a longstanding problem of not being able to send email from devices outside of our internal network and any specific IP address that we open the relay to. As it turns out, SASL has never been set up. I need to set up SASL ASAP but none of the guides I've found seem to work.
I recommend reading over these guides and doing outside research to fill in any blanks:
- https://www.linode.com/docs/email/postfix/email-with-postfix-dovecot-and-mys...
- https://workaround.org/ispmail
- http://wiki2.dovecot.org/Authentication/PasswordSchemes
They walk you through setting up SASL for Postfix which uses Dovecot for auth. Dovecot in turn uses a MySQL database that you put together, but Dovecot supports many other auth sources such as LDAP that might be more relevant to your setup.
It's worth mentioning (although you probably already know this) to double-check any recommendations you find in guides against official docs when it comes to security practices. For example, one guide recommends using the MD5 hashing algorithm (without a salt) to store passwords. I'm (very) far from being a security expert, but I recommend you research an alternative hashing scheme if you're setting up an auth source from scratch.
participants (4)
-
Brian
-
Charles Marcus
-
deoren
-
Reindl Harald