You are not logged in.
Hey,
I need to wrok arround a blocked port 25 in my postfix-installation, so I decided to use smtp.gmail.com as a relay. The strange thing is that postfix does not send an 'auth' to gmail, resulting in an '530 Authentication Required'-answer. To be sure it is a configuration-problem, I tried it with Thunderbird and it worked.
My /etc/postfix/main.cf contains the following (I triple-checked, that this parameters aren't overwritten in the same file):
relayhost = [smtp.gmail.com]:587
smtpd_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/relay_passwd
smtp_sasl_security_options = noanonymous
smtp_use_tls=yes
smtp_tls_security_level = encrypt
smtp_tls_mandatory_ciphers = high
smtp_tls_security_level = secure
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
debug_peer_list=smtp.gmail.com
debug_peer_level=3
/etc/postfix/relay_passwd looks like
[smtp.gmail.com]:587 myaccount@gmail.com:mypassword
smtp.gmail.com myaccount@gmail.com:mypassword
And nevertheless journalctl --unit postfix gives me:
...
smtp_stream_setup: maxtime=300 enable_deadline=0
> smtp.gmail.com[173.194.70.109]:587: EHLO mail.example.com
< smtp.gmail.com[173.194.70.109]:587: 250-mx.google.com at your service, [100.00.valid.ip]
< smtp.gmail.com[173.194.70.109]:587: 250-SIZE 35882577
< smtp.gmail.com[173.194.70.109]:587: 250-8BITMIME
< smtp.gmail.com[173.194.70.109]:587: 250-AUTH LOGIN PLAIN XOAUTH XOAUTH2
< smtp.gmail.com[173.194.70.109]:587: 250 ENHANCEDSTATUSCODES
server features: 0x100b size 35882577
smtp_stream_setup: maxtime=300 enable_deadline=0
> smtp.gmail.com[173.194.70.109]:587: MAIL FROM:<user@example.com> SIZE=517
smtp_stream_setup: maxtime=300 enable_deadline=0
< smtp.gmail.com[173.194.70.109]:587: 530-5.5.1 Authentication Required. Learn more at
< smtp.gmail.com[173.194.70.109]:587: 530 5.5.1 http://support.google.com/mail/bin/answer.py?answer=14257 m1sm21344513eex.17 - gsmtp
...
Any ideas? I'm try this since hours now...
Thanks in advance!
[Edit: Yes, I ran 'postmap /etc/postfix/relay_passwd' after changing that file.]
Last edited by hiob (2013-06-23 22:57:46)
Offline
Well, I forgot something:
relayhost = [smtp.gmail.com]:587
smtpd_sasl_auth_enable = yes
smtp_sasl_auth_enable = yes # <=!
Note that the last line was missing before.
Last edited by hiob (2013-06-23 22:57:04)
Offline
Another Hint:
Thunderbird requires you to use the same SSL-Certificate for imaps and https iff one or both are signed by a trusted Root-CA. It will send an empty user like
imap-login: Disconnected (no auth attempts in 0 secs): user=<>, ...
and fail without any error-notice.
I'm posting it here because I found many old mailinglist-conversations on google without an solution, hopefully users with the same problem find it here
Offline