NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Postfix Discussion> 2007-07

Re: how to set up postfix smtp client to use SSL (port 465)

From: Joe Harvell (jharvell+lists.postfix.usersdogpad.net)
Date: Tue Jul 31 2007 - 17:38:21 CDT

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Never mind. Somehow I hadn't saved an editor buffer or something. I
noticed a postfix log stating that saslpass.db was older than its
source. I updated it and it now works. Thanks for your help.

Joe Harvell wrote:
> Ok. This partially works. But now I can't get postfix to do SMTP auth
> to the relay:
>
>
> main.cf
> smtp_tls_per_site=hash:/etc/postfix/tls_per_site
> smtp_sasl_security_options=
> smtp_sasl_auth_enable=yes
> smtp_sasl_password_maps=hash:/etc/postfix/saslpass
> # look at stunnel.conf to find real relay
> relayhost=[dingo.pvt]:56399
>
>
> stunnel.conf
> client=yes
> [att ssmtp]
> accept = dingo.pvt:56399
> connect = smtp.att.yahoo.com:465
>
> # remotehost user:password
> smtp.att.yahoo.com <secret>
> smtp.sbcglobal.yahoo.com <secret>
> smtp-sbc.mail.yahoo.com <secret>
> smtp.sbc.mail.yahoo4.akadns.net <secret>
> dingo.pvt <secret>
>
>
> I get mail bounced with 530 - Authentication Required.
>
> I captured packets on the unencrypted side of the stunnel:
>
>
> rcv 220 smtp114.sbc.mail.re2.yahoo.com ESMTP
> snd EHLO 75.32.10.169
> rcv 250-smtp114.sbc.mail.re2.yahoo.com
> rcv 250-AUTH LOGIN PLAIN XYMCOOKIE
> rcv 250-PIPELINING
> rcv 250 8BITMIME
> snd MAIL FROM:<jharvelldogpad.net>
> snd RCPT TO:<harvellnortel.com>
> snd DATA
> rcv 530 authentication required - for help go to
> http://help.yahoo.com/help/us/sbc/dsl/mail/pop/pop-11.html
>
> Clearly, Postfix is not performing SMTP Auth. But it does do this when
> I specify relayhost as [smtp.att.yahoo.com]:25. I assume Postfix must
> be trying to match entries in saslpass by doing a reverse DNS lookup of
> the IP address identified by the relayhost hostname. So for dingo.pvt,
> I expect it resolves that to an address then does a reverse lookup to
> get the canonical name. But dingo.pvt (actually dingo.pvt.) is the
> canonical name:
>
> dig -t a dingo.pvt
> ;; ANSWER SECTION:
> dingo.pvt. 0 IN A 192.168.11.1
>
> dig -t ptr 1.11.168.192.in-addr.arpa.
> ;; ANSWER SECTION:
> 1.11.168.192.in-addr.arpa. 172800 IN PTR dingo.pvt.
>
>
> Things I already tried:
>
> - postmap /etc/postfix/saslpass
> - restarting postfix
> - restarting saslauthd
> - putting dingo.pvt. instead of dingo.pvt in my saslpass
>
>
> Noel Jones wrote:
>
>> At 03:25 PM 7/31/2007, Joe Harvell wrote:
>>
>>> I can configure Thunderbird to deliver to smtp.att.yahoo.com using
>>> SMTP over SSL (port 465). How can I do this with Postfix?
>>>
>> There was a recent thread about this.
>> http://archives.neohapsis.com/archives/postfix/2007-03/1350.html
>>
>> Ask again if you need further help.
>>
>>
>
>
>
>
>

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]