From: Victor Duchovni (no email)
Date: Thu Mar 11 2010 - 10:37:51 EST
On Thu, Mar 11, 2010 at 04:23:53PM +0100, Jiri Vitek wrote:
> 220 mx1.funlife.cz ESMTP
> EHLO cita
> 250-mx1.funlife.cz
> 250-PIPELINING
> 250-SIZE 15360000
> 250-VRFY
> 250-ETRN
> 250-STARTTLS
> 250-ENHANCEDSTATUSCODES
> 250-8BITMIME
> 250 DSN
Try the test from the server itself, to rule out firewalls messing with
server EHLO responses.
> cita at relax ~ $ telnet mx1.funlife.cz smtp
> Trying 82.208.35.125...
> Connected to mx1.funlife.cz.
> Escape character is '^]'.
> 220 mx1.funlife.cz ESMTP
> HELO cita
> 250 mx1.funlife.cz
> AUTH LOGIN dGVzdEAzc2l4dHkuZXU=
> 334 UGFzc3dvcmQ6
> dGVzdA==
> 235 2.7.0 Authentication successful
The account "" with password "test" should deleted ASAP.
Do not post encoded SASL handshakes to public mailing lists.
Passwords this trivial get exploited by spambots, never provision
accounts named "test" with a password of "test".
> postconf:
Don't post "postconf output", use "postconf -n" only.
> broken_sasl_auth_clients = yes
> smtpd_sasl_auth_enable = yes
> smtpd_sasl_path = private/auth
> smtpd_sasl_type = dovecot
> smtpd_tls_auth_only = no
Dovecot SASL is enabled in the SMTP server for both TLS and plaintext
sessions, so it is not Postfix that is hiding "AUTH" in the EHLO
response.
-- Viktor. P.S. Morgan Stanley is looking for a New York City based, Senior Unix system/email administrator to architect and sustain our perimeter email environment. If you are interested, please drop me a note.
|
|
|