From: ankush grover (no email)
Date: Thu Oct 05 2006 - 00:12:01 EDT
>
> I think he has enabled SMTP-Auth in his Client.
I using Outlook Express 5.0 on Windows 98 and I have enabled SMTP-AUTH
(My server requires authentication is enabled).
>
> SMTP has diffrent States.
>
> "CONNECT" is from the Client-Connect until the HELO/EHLO.
> "HELO/HELO" is from the Client sends EHLO until the Client sends "MAIL FROM".
> "MAIL" ....
>
> In this case the Client disconnects before it sends the EHLO-Command or
> better, before the Server receives the EHLO. And before the Client sees
> AUTH... or STARTTLS-Headers.
>
> The only Reason I see for that is something in between the Client and the
> Server which "fixup"s the SMTP-Traffic.
>
I have Pix Firewall running for the LAN protection and the Mail
server(Fedora Core3) is in LAN but that server(FC3) is accessible
through Internet. The MailGuard (Mail Server Protection) is enabled
Pix Firewall.
I running Webmail on the Fedora Core3 and I can access(through
browser) the webmail from remote client and there is no problem in
sending or receiving mails through webmail.
> The Client connects, sends EHLO and the thing between says "5xx Command not
> supported". The Client knows, no EHLO no Authentification and Disconnects.
>
> If SMTP-Auth is disabled in the Client, the Client would send HELO after the
> failed EHLO and tries to send the Mail. Which would end in an "Relay Access
> denied".
>
> > > -- active SMTP AUTH and TLS parameters for smtpd --
> > > broken_sasl_auth_clients = yes
> > > smtpd_sasl_auth_enable = yes
> > > smtpd_sasl_local_domain =
> > > smtpd_sasl_security_options = noanonymous
> > > smtpd_tls_CAfile = /etc/postfix/cacert.pem
> > > smtpd_tls_auth_only = yes
> >
> > Ah, that explains why you don't get an auth line. Please deactive that
> > line while you debug sasl auth.
> >
> > smtpd_tls_auth_only = no
> >
> > Then execute "postfix reload".
> >
> > You can only authenticate now, if you use tls for your connection.
>
> Yes, good catch. But I would guess after the thing above.
>
> --
I changed from smtpd_tls_auth_only = yes to smtpd_tls_auth_only = no
but still the problem persists.
If I disable the TLS in Outlook Express then I get the relay access
denied error.
Even with smtpd_tls_auth_only = no and TLS is on the client side there
is no change in the logs
Oct 3 21:49:47 mail postfix/smtpd[6999]: warning: smtpd_peer_init:
125.23.52.249: hostname
dsl-ncr-dynamic-249.52.23.125.airtelbroadband.in verification failed:
Name or service not known
Oct 3 21:49:47 mail postfix/smtpd[6999]: connect from unknown[125.23.52.249]
Oct 3 21:49:48 mail postfix/smtpd[6999]: lost connection after
CONNECT from unknown[125.23.52.249]
Oct 3 21:49:48 mail postfix/smtpd[6999]: disconnect from unknown[125.23.52.249]
I am using MailScanner with the Postfix. What should I do next ?
Thanks & Regards
Ankush Grover
|
|
|