
Re: Authentication unsuccessful relaying from Postfix to Microsoft ESMTP MAIL Service



On Sun, 09 May 2010 17:06:52 +0100, Clive Standbridge wrote:

> I'm trying in vain to relay external mail from postfix on a Debian lenny
> machine to a Microsoft SMTP server on the Internet.  I've been reading
> and searching for days. I've tried numerous combinations of settings
> although I'm not certain what they all do and am experiencing
> information overload.

O.k. Then you need to set up Postfix SSL/TLS acting as client, not server.
 
(...)

> When I change relayhost to NEWSERVER:587, the mail gets stuck in
> postfix. In /var/log/mail.log I see "Authentication unsuccessful".

(...)

> So my questions are:
>  * How can I fix this in Postfix?

Let's see the logs...

>  * Can Postfix do this? Or do I need to change to something else e.g.
>  Exim? 

Yes, you can set up Postfix for this.

> * What does IceDove do that Postfix doesn't?

Logs will tell.
 
> The rest of this mail contains more detail.
> 
> I've tried with:
>  * smtp_sasl_security_options set to noanonymous and empty
>  * smtp_tls_security_level set to "may", "none", "encrypt" and not set.
>  * relayhost set to NEWSERVER:587 and [NEWSERVER]:587 in main.cf and
>    sasl_passwd (kept them in step and updated sasl_passwd.db each time)

The doc you have to follow stands here:

http://www.postfix.org/SASL_README.html#client_sasl

> /var/log/mail.log:

(...)

> May  9 16:30:01 rimmer postfix/smtp[10643]: certificate verification failed for NEWSERVER[NEWSERVER-IPADDR]:587: untrusted issuer /L=ValiCert Validation Network/O=ValiCert, Inc./OU=ValiCert Class 2 Policy Validation Authority/CN=http://www.valicert.com//emailAddress=info@valicert.com

Server replies that it does not trust the issuer of that CA.

(...)

> May  9 16:30:01 rimmer postfix/smtp[10643]: Untrusted TLS connection established to NEWSERVER[NEWSERVER-IPADDR]:587: TLSv1 with cipher RC4-MD5 (128/128 bits)

I guess you are having problems with the certificate itself. It cannot 
be verified by the remote server.

Note: I think Thunderbird uses its own SSL CA root certificates database... 

Greetings,

-- 
Camaleón
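
The log excerpts in this thread contain both TLS trust messages and an authentication failure. As an added example (not part of the original messages), this Python script groups postfix/smtp client log lines by remote peer so the two kinds of event can be read separately. The first two sample lines are the ones quoted above; the third line, with its queue ID and recipient, is constructed in Postfix's delivery-status format.

```python
import re
from collections import defaultdict

# Lines 1-2 are quoted in the thread; line 3 is a constructed sample.
SAMPLE_LOG = """\
May  9 16:30:01 rimmer postfix/smtp[10643]: certificate verification failed for NEWSERVER[NEWSERVER-IPADDR]:587: untrusted issuer /L=ValiCert Validation Network/O=ValiCert, Inc./OU=ValiCert Class 2 Policy Validation Authority/CN=http://www.valicert.com//emailAddress=info@valicert.com
May  9 16:30:01 rimmer postfix/smtp[10643]: Untrusted TLS connection established to NEWSERVER[NEWSERVER-IPADDR]:587: TLSv1 with cipher RC4-MD5 (128/128 bits)
May  9 16:30:02 rimmer postfix/smtp[10643]: 4F2A1B3C: to=<user@example.org>, relay=NEWSERVER[NEWSERVER-IPADDR]:587, delay=1.2, status=deferred (SASL authentication failed; server NEWSERVER[NEWSERVER-IPADDR] said: 535 5.7.3 Authentication unsuccessful)
"""

# Remote peer as Postfix prints it: name[address]:port
PEER = r"(?P<peer>[^\s\[]+\[[^\]]+\]:\d+)"

# One pattern per event kind; the first match wins for each line.
PATTERNS = [
    ("cert_untrusted", re.compile(
        r"certificate verification failed for " + PEER + r": (?P<detail>.+)")),
    ("tls_session", re.compile(
        r"(?P<trust>\w+) TLS connection established to " + PEER + r": (?P<detail>.+)")),
    ("sasl_failed", re.compile(
        r"relay=" + PEER + r",.*status=\w+ \((?P<detail>SASL authentication failed.*)\)")),
]


def triage(log_text):
    """Return {peer: [(kind, trust_or_None, detail), ...]} for postfix/smtp lines."""
    report = defaultdict(list)
    for line in log_text.splitlines():
        if "postfix/smtp[" not in line:   # only the SMTP client process
            continue
        for kind, rx in PATTERNS:
            m = rx.search(line)
            if m:
                trust = m.groupdict().get("trust")  # set only for tls_session
                report[m.group("peer")].append((kind, trust, m.group("detail")))
                break
    return dict(report)


if __name__ == "__main__":
    for peer, events in triage(SAMPLE_LOG).items():
        print(peer)
        for kind, trust, detail in events:
            print(f"  {kind:15} {trust or '-':10} {detail}")
```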

