Walt Shekrota
2011-03-24 18:45:41 UTC
What I want:
on a 10.10 ubuntu minimal system install
postfix/dovecot configured w/ smtp for outgoing
fetchmail works
procmail works
My trouble surrounds smtp auth and since I have never used imap I'll deal with
that last.
Ultimately I want all my email in one place so clients can connect from
anywhere. From reading I got the idea Dovecot was the way to go. No where did
it seem to elaborate the documented pieces that go in these config files. Like
the idea below that there are 2 different auths going on.
I might have an understanding issue here so I'll elaborate on authorization.
I'm thinking that smtpd_sender_login_maps is the IP of the smtp relay your ISP
would provide?
and that (if kept to plain text and I did to simplify testing) the id/password
in dovecot.conf (passwd.file) is the local userid that will hold the pop mail
requested.
wshek{plain}mypassword
when I send an email I note the following line in the /var/log/mail.log
-----
Mar 24 13:57:27 ubu postfix/smtp[15875]: BAD9F82CB0:
to=<***@gmail.com>, relay=199.224.64.207[199.224.64.207]:25,
delay=0.57, delays=0.2/0.03/0.17/0.17, dsn=5.7.1, status=bounced (host
199.224.64.207[199.224.64.207] said: 554 5.7.1 Error: The message could not be
sent because your e-mail program needs to identify itself to the sending mail
server. Please see http://support.frontiernet.net/smtp for instructions on how
to correct this setting in your e-mail program.
(pool-96-233-230-70.rlghnc.dsl-w.verizon.net[96.233.230.70] to <Client host>)
(in reply to RCPT TO command))
-----
I assume that by 'identify itself' this message is referring to sasl
authentication as was configured in my previous MTA. The file sasl_password in
/etc/postfix contains 'smtp.frontier.com wshekrota:mypassword'.
postmap hash:/etc/postfix/sasl_password (was run against the file to create
the .db)
if I telnet localhost smtp I get a lot of seemingly inert debug or trace info
in the same log which ultimately gets...
SASL: Connect to private/auth failed: connection refused
if I telnet to localhost imap2 I seem to get a normal ready connection.
postconf -n
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = no
config_directory = /etc/postfix
mydestination = $myhostname, localhost
myhostname = ubu.nothing.org
mynetworks = 127.0.0.0/8
myorigin = /etc/mailname
readme_directory = no
relayhost = 199.224.64.207
smtp_use_tls = no
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_path = private/auth
smtpd_sasl_security_options =
smtpd_sasl_type = dovecot
smtpd_sender_login_maps = hash:/etc/postfix/sasl_password
smtpd_tls_auth_only = no
smtpd_tls_cert_file =
smtpd_tls_key_file = $smtpd_tls_cert_file
smtpd_tls_mandatory_ciphers = medium
smtpd_tls_mandatory_protocols = SSLv3, TLSv1
smtpd_tls_received_header = no
smtpd_use_tls = no
tls_random_source = dev:/dev/urandom
Again I'm trying to get the simplest plain text version of this going that I
can expand later. (with ssl)
Thanks for any enlightenment.
-Walt
on a 10.10 ubuntu minimal system install
postfix/dovecot configured w/ smtp for outgoing
fetchmail works
procmail works
My trouble surrounds smtp auth and since I have never used imap I'll deal with
that last.
Ultimately I want all my email in one place so clients can connect from
anywhere. From reading I got the idea Dovecot was the way to go. No where did
it seem to elaborate the documented pieces that go in these config files. Like
the idea below that there are 2 different auths going on.
I might have an understanding issue here so I'll elaborate on authorization.
I'm thinking that smtpd_sender_login_maps is the IP of the smtp relay your ISP
would provide?
and that (if kept to plain text and I did to simplify testing) the id/password
in dovecot.conf (passwd.file) is the local userid that will hold the pop mail
requested.
wshek{plain}mypassword
when I send an email I note the following line in the /var/log/mail.log
-----
Mar 24 13:57:27 ubu postfix/smtp[15875]: BAD9F82CB0:
to=<***@gmail.com>, relay=199.224.64.207[199.224.64.207]:25,
delay=0.57, delays=0.2/0.03/0.17/0.17, dsn=5.7.1, status=bounced (host
199.224.64.207[199.224.64.207] said: 554 5.7.1 Error: The message could not be
sent because your e-mail program needs to identify itself to the sending mail
server. Please see http://support.frontiernet.net/smtp for instructions on how
to correct this setting in your e-mail program.
(pool-96-233-230-70.rlghnc.dsl-w.verizon.net[96.233.230.70] to <Client host>)
(in reply to RCPT TO command))
-----
I assume that by 'identify itself' this message is referring to sasl
authentication as was configured in my previous MTA. The file sasl_password in
/etc/postfix contains 'smtp.frontier.com wshekrota:mypassword'.
postmap hash:/etc/postfix/sasl_password (was run against the file to create
the .db)
if I telnet localhost smtp I get a lot of seemingly inert debug or trace info
in the same log which ultimately gets...
SASL: Connect to private/auth failed: connection refused
if I telnet to localhost imap2 I seem to get a normal ready connection.
postconf -n
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = no
config_directory = /etc/postfix
mydestination = $myhostname, localhost
myhostname = ubu.nothing.org
mynetworks = 127.0.0.0/8
myorigin = /etc/mailname
readme_directory = no
relayhost = 199.224.64.207
smtp_use_tls = no
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_path = private/auth
smtpd_sasl_security_options =
smtpd_sasl_type = dovecot
smtpd_sender_login_maps = hash:/etc/postfix/sasl_password
smtpd_tls_auth_only = no
smtpd_tls_cert_file =
smtpd_tls_key_file = $smtpd_tls_cert_file
smtpd_tls_mandatory_ciphers = medium
smtpd_tls_mandatory_protocols = SSLv3, TLSv1
smtpd_tls_received_header = no
smtpd_use_tls = no
tls_random_source = dev:/dev/urandom
Again I'm trying to get the simplest plain text version of this going that I
can expand later. (with ssl)
Thanks for any enlightenment.
-Walt