Kolab doesn't alow to send e-mail from outside the network

Thomas Spuhler thomas at btspuhler.com
Mon Sep 10 21:40:58 CEST 2007 

On Mon, 2007-09-10 at 07:15 +0200, Gunnar Wrobel wrote:
> Thomas Spuhler <thomas at btspuhler.com> writes:
> 
> > On Sunday 09 September 2007 11:23, Alain Spineux wrote:
> >> On 9/9/07, Thomas Spuhler <thomas at btspuhler.com> wrote:
> >> > Kolab doesn't allow to send e-mail from outside the network
> >> > The setup is that sasl_authenticated should be allowed to send e-mail
> >> > from outside the local network.
> >>
> >> It is!
> >>
> >> > However I am being asked for the password in an infinite loop. It seems
> >> > that the sasl path may not be correct
> >>
> >> The error reported by postfix in the log could help us a lot :-)
> >>
> >> Did you allowed
> >>
> >> > --
> >> > Thomas Spuhler
> >> >
> >> > _______________________________________________
> >> > Kolab-users mailing list
> >> > Kolab-users at kolab.org
> >> > https://kolab.org/mailman/listinfo/kolab-users
> >
> > I did use authentication from inside just to get the error log (easier than go 
> > outside), I don't need them from the internal network:
> >
> > From  /var/log/mail/info.log
> 
> "/var/log/mail/info.log" does not look like you are using a standard
> Kolab Server. When reporting errors/problems, please follow the
> guidelines detailed at http://wiki.kolab.org/index.php/Error_reporting

Yes, it's a Mandriva install (2007.0).

> 
> > Sep  9 21:35:00 aargau postfix/smtpd[10336]: connection established
> > Sep  9 21:35:00 aargau postfix/smtpd[10336]: master_notify: status 0
> > Sep  9 21:35:00 aargau postfix/smtpd[10336]: name_mask: resource
> > Sep  9 21:35:00 aargau postfix/smtpd[10336]: name_mask: software
> > Sep  9 21:35:00 aargau postfix/smtpd[10336]: xsasl_cyrus_server_create: SASL 
> > service=smtp, realm=(null)
> > Sep  9 21:35:00 aargau postfix/smtpd[10336]: name_mask: noanonymous
> > Sep  9 21:35:00 aargau postfix/smtpd[10336]: connect from 
> > aargau.btspuhler.com[127.0.0.1]
> > Sep  9 21:35:00 aargau postfix/smtpd[10336]: match_list_match: 
> > aargau.btspuhler.com: no match
> > Sep  9 21:35:00 aargau postfix/smtpd[10336]: match_list_match: 127.0.0.1: no 
> > match
> > Sep  9 21:35:00 aargau postfix/smtpd[10336]: match_list_match: 
> > aargau.btspuhler.com: no match
> > Sep  9 21:35:00 aargau postfix/smtpd[10336]: match_list_match: 127.0.0.1: no 
> > match
> > Sep  9 21:35:00 aargau postfix/smtpd[10336]: send attr request = seed
> > Sep  9 21:35:00 aargau postfix/smtpd[10336]: send attr size = 32
> > Sep  9 21:35:00 aargau postfix/smtpd[10336]: private/tlsmgr: wanted attribute: 
> > status
> > Sep  9 21:35:00 aargau postfix/smtpd[10336]: input attribute name: status
> > Sep  9 21:35:00 aargau postfix/smtpd[10336]: input attribute value: 0
> > Sep  9 21:35:00 aargau postfix/smtpd[10336]: private/tlsmgr: wanted attribute: 
> > seed
> > Sep  9 21:35:00 aargau postfix/smtpd[10336]: input attribute name: seed
> > Sep  9 21:35:00 aargau postfix/smtpd[10336]: input attribute value: 
> > xXhiDtFxRCWVc0zl45K3+1na8rpR5nQwaN2riOYxk=
> > Sep  9 21:35:00 aargau postfix/smtpd[10336]: private/tlsmgr: wanted attribute: 
> > (list terminator)
> > Sep  9 21:35:00 aargau postfix/smtpd[10336]: input attribute name: (end)
> > Sep  9 21:35:00 aargau postfix/smtpd[10336]: match_hostname: 
> > aargau.btspuhler.com ~? 127.0.0.0/8
> > Sep  9 21:35:00 aargau postfix/smtpd[10336]: match_hostaddr: 127.0.0.1 ~? 
> > 127.0.0.0/8
> > Sep  9 21:35:00 aargau postfix/smtpd[10336]: > 
> > aargau.btspuhler.com[127.0.0.1]: 220 aargau.btspuhler.com ESMTP Postfix
> > Sep  9 21:35:00 aargau postfix/smtpd[10336]: < 
> > aargau.btspuhler.com[127.0.0.1]: EHLO aargau.btspuhler.com
> > Sep  9 21:35:00 aargau postfix/smtpd[10336]: > 
> > aargau.btspuhler.com[127.0.0.1]: 250-aargau.btspuhler.com
> > Sep  9 21:35:00 aargau postfix/smtpd[10336]: > 
> > aargau.btspuhler.com[127.0.0.1]: 250-PIPELINING
> > Sep  9 21:35:00 aargau postfix/smtpd[10336]: > 
> > aargau.btspuhler.com[127.0.0.1]: 250-SIZE 5000000
> > Sep  9 21:35:00 aargau postfix/smtpd[10336]: > 
> > aargau.btspuhler.com[127.0.0.1]: 250-VRFY
> > Sep  9 21:35:00 aargau postfix/smtpd[10336]: > 
> > aargau.btspuhler.com[127.0.0.1]: 250-ETRN
> > Sep  9 21:35:00 aargau postfix/smtpd[10336]: > 
> > aargau.btspuhler.com[127.0.0.1]: 250-AUTH GSSAPI CRAM-MD5 DIGEST-MD5 LOGIN 
> > PLAIN
> > Sep  9 21:35:00 aargau postfix/smtpd[10336]: match_list_match: 
> > aargau.btspuhler.com: no match
> > Sep  9 21:35:00 aargau postfix/smtpd[10336]: match_list_match: 127.0.0.1: no 
> > match
> > Sep  9 21:35:00 aargau postfix/smtpd[10336]: > 
> > aargau.btspuhler.com[127.0.0.1]: 250-AUTH=GSSAPI CRAM-MD5 DIGEST-MD5 LOGIN 
> > PLAIN
> > Sep  9 21:35:00 aargau postfix/smtpd[10336]: > 
> > aargau.btspuhler.com[127.0.0.1]: 250-ENHANCEDSTATUSCODES
> > Sep  9 21:35:00 aargau postfix/smtpd[10336]: > 
> > aargau.btspuhler.com[127.0.0.1]: 250-8BITMIME
> > Sep  9 21:35:00 aargau postfix/smtpd[10336]: > 
> > aargau.btspuhler.com[127.0.0.1]: 250 DSN
> > Sep  9 21:35:00 aargau postfix/smtpd[10336]: < 
> > aargau.btspuhler.com[127.0.0.1]: AUTH PLAIN 
> > dGhvbWFzQGJ0c3B1aGxlci5jAdGhvbWFzQGJ0c3B1aGxlci5jb20AYnJ1bm81MA==
> > Sep  9 21:35:00 aargau postfix/smtpd[10336]: xsasl_cyrus_server_first: 
> > sasl_method PLAIN, init_response 
> > dGhvbWFzQGJ0c3B1aGxlci5jAdGhvbWFzQGJ0c3B1aGxlci5jb20AYnJ1bm81MA==
> > Sep  9 21:35:00 aargau postfix/smtpd[10336]: xsasl_cyrus_server_first: decoded 
> > initial response thomas at btspuhler.com
> > Sep  9 21:35:00 aargau postfix/smtpd[10336]: > 
> > aargau.btspuhler.com[127.0.0.1]: 535 5.7.0 Error: authentication failed: 
> > authentication failure
> > Sep  9 21:35:00 aargau postfix/smtpd[10336]: smtp_get: EOF
> > Sep  9 21:35:00 aargau postfix/smtpd[10336]: match_hostname: 
> > aargau.btspuhler.com ~? 127.0.0.0/8
> > Sep  9 21:35:00 aargau postfix/smtpd[10336]: match_hostaddr: 127.0.0.1 ~? 
> > 127.0.0.0/8
> > Sep  9 21:35:00 aargau postfix/smtpd[10336]: lost connection after AUTH from 
> > aargau.btspuhler.com[127.0.0.1]
> > Sep  9 21:35:00 aargau postfix/smtpd[10336]: disconnect from 
> > aargau.btspuhler.com[127.0.0.1]
> > Sep  9 21:35:00 aargau postfix/smtpd[10336]: master_notify: status 1
> > Sep  9 21:35:00 aargau postfix/smtpd[10336]: connection closed
> >
> > and from /var/log/auth.log
> > Sep  9 21:38:29 aargau postfix/smtpd[10396]: auxpropfunc error invalid 
> > parameter supplied 
> > Sep  9 21:38:29 aargau postfix/smtpd[10396]: _sasl_plugin_load failed on 
> > sasl_auxprop_plug_init for plugin: ldapdb 
> 
> Does the basic SASL troubleshooting work
> (http://wiki.kolab.org/index.php/Kolab2_Server_Troubleshooting_-_SASL)?
> Can you log in from the command line?

This works great.
# testsaslauthd -u thomas at btspuhler.com -p mypasswd
0: OK "Success."

> 
> Cheers,
> 
> Gunnar
> 
> >
> >
> > I altered the passwords slightly
> > -- 
> >
> > Thomas Spuhler
> >
> > _____________________

I commented out the tls-only for debuging.
No I get this when trying to authenticate from outside using telnet:

$ telnet aargau.btspuhler.com 25
Trying 168.103.242.218...
Connected to aargau.btspuhler.com (168.103.242.218).
Escape character is '^]'.
220 aargau.btspuhler.com ESMTP Postfix
EHLO mydomain.com
250-aargau.btspuhler.com
250-PIPELINING
250-SIZE 5000000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH GSSAPI CRAM-MD5 DIGEST-MD5 LOGIN PLAIN
250-AUTH=GSSAPI CRAM-MD5 DIGEST-MD5 LOGIN PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
AUTH PLAIN AHRob21hc3NwdWhsZXIAYnJ1
535 5.7.0 Error: authentication failed: authentication failure

I noticed that I have 
250-AUTH GSSAPI CRAM-MD5 DIGEST-MD5 LOGIN PLAIN

twice but i have smtpd.conf 
pwcheck_method: saslauthd
mech_list: PLAIN

on the old server that works I have the same in smtpd.conf but I get

250 AUTH PLAIN and only once
*****
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH PLAIN
250 8BITMIME
****
maybe the /var/log/auth.log gives the clue?

Thanks
Thomas

More information about the users mailing list