Amin El-Zein
asked on
postfix auth error
Hello,
I get always this error on my postfix: Out: 250 2.0.0 Ok
In: AUTH LOGIN
Out: 334 VXNlcm5hbWU6
In: dGVzdDFAaXAtMTQ3LTEzNS0yMj cuZXU=
Out: 334 UGFzc3dvcmQ6
In: dGVzdDExMTE=
Out: 535 5.7.8 Error: authentication failed: authentication failure
In: RSET
Out: 250 2.0.0 Ok
In: AUTH LOGIN
Out: 334 VXNlcm5hbWU6
In: dGVzdDFAaXAtMTQ3LTEzNS0yMj cuZXU=
Out: 334 UGFzc3dvcmQ6
In: dGVzdDEyMjI=
Out: 535 5.7.8 Error: authentication failed: authentication failure
In: RSET
Out: 250 2.0.0 Ok
In: AUTH LOGIN
Out: 334 VXNlcm5hbWU6
In: dGVzdDFAaXAtMTQ3LTEzNS0yMj cuZXU=
Out: 334 UGFzc3dvcmQ6
In: dGVzdDEzMzM=
Out: 535 5.7.8 Error: authentication failed: authentication failure
In: RSET
Out: 250 2.0.0 Ok
In: AUTH LOGIN
Out: 334 VXNlcm5hbWU6
In: dGVzdDFAaXAtMTQ3LTEzNS0yMj cuZXU=
Out: 334 UGFzc3dvcmQ6
In: JW51bGwl
Out: 535 5.7.8 Error: authentication failed: authentication failure
In: RSET
Out: 250 2.0.0 Ok
In: AUTH LOGIN
Out: 334 VXNlcm5hbWU6
In: dGVzdDFAaXAtMTQ3LTEzNS0yMj cuZXU=
Out: 334 UGFzc3dvcmQ6
In: MTIz
Out: 535 5.7.8 Error: authentication failed: authentication failure
In: RSET
Out: 250 2.0.0 Ok
In: AUTH LOGIN
Out: 334 VXNlcm5hbWU6
In: dGVzdDFAaXAtMTQ3LTEzNS0yMj cuZXU=
Out: 334 UGFzc3dvcmQ6
In: MTIzMTIz
Out: 535 5.7.8 Error: authentication failed: authentication failure
In: RSET
Out: 250 2.0.0 Ok
In: AUTH LOGIN
Out: 334 VXNlcm5hbWU6
In: dGVzdDFAaXAtMTQ3LTEzNS0yMj cuZXU=
Out: 334 UGFzc3dvcmQ6
In: MTIzNA==
Out: 535 5.7.8 Error: authentication failed: authentication failure
In: RSET
Out: 250 2.0.0 Ok
In: AUTH LOGIN
Out: 334 VXNlcm5hbWU6
In: dGVzdDFAaXAtMTQ3LTEzNS0yMj cuZXU=
Out: 334 UGFzc3dvcmQ6
In: MTIzNDU=
Out: 535 5.7.8 Error: authentication failed: authentication failure
In: RSET
Out: 250 2.0.0 Ok
In: AUTH LOGIN
Out: 334 VXNlcm5hbWU6
In: dGVzdDFAaXAtMTQ3LTEzNS0yMj cuZXU=
Out: 334 UGFzc3dvcmQ6
In: MTIzNDU2
Out: 535 5.7.8 Error: authentication failed: authentication failure
Out: 421 4.7.0 mymail.com Error: too many errors
Session aborted, reason: too many errors
port 465 and 587 is allowed only from specific ip but I get this error … so where is the problem ?
thanks.
I get always this error on my postfix: Out: 250 2.0.0 Ok
In: AUTH LOGIN
Out: 334 VXNlcm5hbWU6
In: dGVzdDFAaXAtMTQ3LTEzNS0yMj
Out: 334 UGFzc3dvcmQ6
In: dGVzdDExMTE=
Out: 535 5.7.8 Error: authentication failed: authentication failure
In: RSET
Out: 250 2.0.0 Ok
In: AUTH LOGIN
Out: 334 VXNlcm5hbWU6
In: dGVzdDFAaXAtMTQ3LTEzNS0yMj
Out: 334 UGFzc3dvcmQ6
In: dGVzdDEyMjI=
Out: 535 5.7.8 Error: authentication failed: authentication failure
In: RSET
Out: 250 2.0.0 Ok
In: AUTH LOGIN
Out: 334 VXNlcm5hbWU6
In: dGVzdDFAaXAtMTQ3LTEzNS0yMj
Out: 334 UGFzc3dvcmQ6
In: dGVzdDEzMzM=
Out: 535 5.7.8 Error: authentication failed: authentication failure
In: RSET
Out: 250 2.0.0 Ok
In: AUTH LOGIN
Out: 334 VXNlcm5hbWU6
In: dGVzdDFAaXAtMTQ3LTEzNS0yMj
Out: 334 UGFzc3dvcmQ6
In: JW51bGwl
Out: 535 5.7.8 Error: authentication failed: authentication failure
In: RSET
Out: 250 2.0.0 Ok
In: AUTH LOGIN
Out: 334 VXNlcm5hbWU6
In: dGVzdDFAaXAtMTQ3LTEzNS0yMj
Out: 334 UGFzc3dvcmQ6
In: MTIz
Out: 535 5.7.8 Error: authentication failed: authentication failure
In: RSET
Out: 250 2.0.0 Ok
In: AUTH LOGIN
Out: 334 VXNlcm5hbWU6
In: dGVzdDFAaXAtMTQ3LTEzNS0yMj
Out: 334 UGFzc3dvcmQ6
In: MTIzMTIz
Out: 535 5.7.8 Error: authentication failed: authentication failure
In: RSET
Out: 250 2.0.0 Ok
In: AUTH LOGIN
Out: 334 VXNlcm5hbWU6
In: dGVzdDFAaXAtMTQ3LTEzNS0yMj
Out: 334 UGFzc3dvcmQ6
In: MTIzNA==
Out: 535 5.7.8 Error: authentication failed: authentication failure
In: RSET
Out: 250 2.0.0 Ok
In: AUTH LOGIN
Out: 334 VXNlcm5hbWU6
In: dGVzdDFAaXAtMTQ3LTEzNS0yMj
Out: 334 UGFzc3dvcmQ6
In: MTIzNDU=
Out: 535 5.7.8 Error: authentication failed: authentication failure
In: RSET
Out: 250 2.0.0 Ok
In: AUTH LOGIN
Out: 334 VXNlcm5hbWU6
In: dGVzdDFAaXAtMTQ3LTEzNS0yMj
Out: 334 UGFzc3dvcmQ6
In: MTIzNDU2
Out: 535 5.7.8 Error: authentication failed: authentication failure
Out: 421 4.7.0 mymail.com Error: too many errors
Session aborted, reason: too many errors
port 465 and 587 is allowed only from specific ip but I get this error … so where is the problem ?
thanks.
Try the following example.
Note the username and password need to be the username, and password to be used.
https://www.ndchost.com/wiki/mail/test-smtp-auth-telnet
Note the username and password need to be the username, and password to be used.
https://www.ndchost.com/wiki/mail/test-smtp-auth-telnet
Arnold is correct, we can't do much without seeing the initial negotation -- particularly where the receiving MTA says "I will accept these methods ..."
Tip: Best to debug this using https://www.jetmore.org/john/code/swaks with a command line similar to this...
You may have to leave off the -tls option.
Post the entire SWAKS conversation output for debugging.
Note: You must run SWAKS on the IP actually whitelisted by your SPF record for this to work.
swaks -s smtp.mailgun.org:587 -tls -auth -au $user -ap $pass "test mail \$(date)\" --from=$from --to=$to
You may have to leave off the -tls option.
Post the entire SWAKS conversation output for debugging.
Note: You must run SWAKS on the IP actually whitelisted by your SPF record for this to work.
Is there anything in the logs of the mail server?...
There must be a reason for the rejection, most server logs the reason for failure as well as the fact.
(those reasons are not on the communication with clients,esp. on authentication).
There must be a reason for the rejection, most server logs the reason for failure as well as the fact.
(those reasons are not on the communication with clients,esp. on authentication).
You said, "port 465 and 587 is allowed only from specific ip but I get this error … so where is the problem ?"
If you mean the incoming MTA is running like this, best to remove all related firewall rules, as this will never work in real life... if you expect your MTA to accept mail from various places for any user handled by the MTA.
If you mean the incoming MTA is running like this, best to remove all related firewall rules, as this will never work in real life... if you expect your MTA to accept mail from various places for any user handled by the MTA.
ASKER
how I can restrict specific ip to send emails from postfix to outside?
thanks.
thanks.
please explain what you mean. you can restrict which IP/s are allowed to send emails through the postfix using the config and mynetworks.
you can use transports to direct a domain to a specific destination.
Your question seems as though a configuration on the firewall when it sees traffic from the internal IP of the postfix to a destination port 25 to use Source update to reflect the packet as coming from a specific WAN IP that the firewall has. this should match the IP on which port 25 is setup to go into the postfix if that is your setup.
you can use transports to direct a domain to a specific destination.
Your question seems as though a configuration on the firewall when it sees traffic from the internal IP of the postfix to a destination port 25 to use Source update to reflect the packet as coming from a specific WAN IP that the firewall has. this should match the IP on which port 25 is setup to go into the postfix if that is your setup.
ASKER
Hello,
postfix working as mail gateway
the mails flow is:
external email >>> postfix >>> local exchange server
local exchange Server >>> postfix >>> external emails.
so I want only the exchange server ip to send email to external mails.
do you want to show you my config ?
thanks.
postfix working as mail gateway
the mails flow is:
external email >>> postfix >>> local exchange server
local exchange Server >>> postfix >>> external emails.
so I want only the exchange server ip to send email to external mails.
do you want to show you my config ?
thanks.
you can in the main.cf file restrict only the IP of the exchange server
look at the main.cf for mynetworkw and see what it is set to, it needs to only have 127.0.0.1 localhost, and the LAN ip of the postfix and the IP of the exchange server
Commonly, it is set to the local LAN which would allow all local computers the rights to relay through this server.
not sure why you want to restrict, but if you do double check whether currently it is being used by anything other than the exchange /var/log/maillog
look at the main.cf for mynetworkw and see what it is set to, it needs to only have 127.0.0.1 localhost, and the LAN ip of the postfix and the IP of the exchange server
Commonly, it is set to the local LAN which would allow all local computers the rights to relay through this server.
not sure why you want to restrict, but if you do double check whether currently it is being used by anything other than the exchange /var/log/maillog
This question needs an answer!
Become an EE member today
7 DAY FREE TRIALMembers can start a 7-Day Free trial then enjoy unlimited access to the platform.
View membership options
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Ehlo yourservername.?