mirror of
https://github.com/modoboa/modoboa.git
synced 2026-04-25 08:56:02 +03:00
[GH-ISSUE #1827] SMTP Auth not working #1434
Labels
No labels
bug
bug
dependencies
design
documentation
duplicate
enhancement
enhancement
enhancement
feedback-needed
help-needed
help-needed
installer
invalid
looking-for-sponsors
modoboa-contacts
new-ui
new-ui
pr
pull-request
pyconfr
python
question
security
stale
webmail
wontfix
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference
starred/modoboa-modoboa#1434
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @pappastech on GitHub (Jan 19, 2020).
Original GitHub issue: https://github.com/modoboa/modoboa/issues/1827
Impacted versions
Steps to reproduce
Telnet to port 25 on server and look for the following after 'EHLO' command.
250-AUTH PLAIN LOGIN 250-AUTH=PLAIN LOGIN
I have been reviewing configuration files for a couple of hours and comparing to an existing mail server where this is working and have not found the problem yet.
Current behavior
AUTH is not displayed as available.
Expected behavior
AUTH should be presented as available.
Video/Screenshot link (optional)
Respectfully,
Tom
@Saulzi commented on GitHub (Jan 30, 2020):
I have the same issue, interestingly it says that it is when i telnet from the local machine but when I do it remotely it does not give me 250-AUTH
@Saulzi commented on GitHub (Jan 30, 2020):
@pappastech i have managed to get this to work for me after a little bit of research.
Steps to reproduce.
Fresh install on Ubuntu 18.04 on new VPS.
Attempt to connect using outlook etc not working.
telnet from local host displays message with ehlo command
telnet from remote host does not display message with ehlo command
it turns out that this is happening because of the postfix configuration,
the following line is the culprit
mynetworks = 127.0.0.0/8
basically this means authorize local machine only
this needs to be changed to
mynetworks_style = class
this will allow same network class i.e. A / B / C
then restart postfix and you can connect remotely
@pappastech commented on GitHub (Jan 31, 2020):
Good find Saulzi, but I think it's a better idea to specify both mynetworks and mynetworks_class; something like this so trust doesn't reach to unwanted SMTP clients.
mynetworks = 127.0.0.0/8 192.168.1.0/24
mynetworks_style = host
This works in my environment and restricts trusted SMTP hosts to the local client and offers SMTP AUTH to everyone else.
@Saulzi commented on GitHub (Jan 31, 2020):
@pappastech
I am no postfix expert but you may find the following interesting
http://www.postfix.org/BASIC_CONFIGURATION_README.html
Specify "mynetworks_style = class" when Postfix should forward mail from SMTP clients in the same IP class A/B/C networks as the local machine. Don't do this with a dialup site - it would cause Postfix to "trust" your entire provider's network. Instead, specify an explicit mynetworks list by hand, as described below.
Alternatively, you can specify the mynetworks list by hand, in which case Postfix ignores the mynetworks_style setting. To specify the list of trusted networks by hand, specify network blocks in CIDR (network/mask) notation, for example:
/etc/postfix/main.cf:
mynetworks = 168.100.189.0/28, 127.0.0.0/8
if you are your mail server is on the same network i.e. 192.168 then you will get the headers, not sure if your configuration will work from the public internet (if that is the intention?)
Again, I'm no expert so my settings could probably be better.
@Saulzi commented on GitHub (Jan 31, 2020):
ps. I have tested with mxtoolbox and Im not a public relay etc.