Guest sleepyhead Posted July 8, 2004 Report Share Posted July 8, 2004 (edited) My ISP is Earthlink, and I have a dynamic IP. I run an MTA (Postfix) on Mandrake 10 official. I occasionally get mail rejected due to my IP address being listed on DUN RBLs. I finally decided it was time to fix my setup and route my outgoing mail through my ISP's MTA. My ISP is Earthlink, and they require SMTP authentication to relay mail through their MTA. I'm having lots of trouble getting this working. I'm using the packages provided by Mandrake (postfix-2.1.1-0.1.100mdk and cyrus-sasl-2.1.15-10mdk). The Earthlink MTA is smtpauth.earthlink.net. Here is the relevant output from postconf: smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/sasl/sasl_passwd smtp_sasl_path = smtp_sasl_security_options = smtp_sasl_tls_security_options = $var_smtp_sasl_opts smtp_sasl_tls_verified_security_options = $var_smtp_sasl_tls_opts transport_maps = hash:/etc/postfix/transport Here is my sasl_password file (modified): smtpauth.earthlink.net myusername@earthlink.net:mypasswd Here is my transport file: yahoo.com smtp:smtpauth.earthlink.net .yahoo.com smtp:smtpauth.earthlink.net Opening an smtp session with smtpauth.earthlink.net reveals that the server supports the following auth methods: PLAIN LOGIN CRAM-MD5 When I try to send email to to my yahoo.com address, postfix tries to relay through smtpauth.earthlink.net as expected, but has trouble authenticating: Jul 7 19:11:43 www postfix/smtp[15519]: 30DD570C51B: Authentication failed: cannot SASL authenticate to server smtpauth.earthlink.net[207.217.121.156]: no mechanism available Jul 7 19:11:44 www postfix/smtp[15519]: 30DD570C51B: to=<eqluzer@yahoo.com>, relay=smtpauth.earthlink.net[207.217.121.150], delay=2, status=deferred (Authentication failed: cannot SASL authenticate to server smtpauth.earthlink.net[207.217.121.150]: no mechanism available) Jul 7 19:11:43 www postfix/smtp[15519]: warning: SASL authentication failure: No worthy mechs found How do I enable these mechanisms? Everything I've googled leads me to believe that I have the configuration correct. Do I need to install some additional RPMs for each auth method? Do I need to recompile Postfix from source to enable SASL? Thanks for any help! Edited July 8, 2004 by sleepyhead Quote Link to comment Share on other sites More sharing options...
streeter Posted July 8, 2004 Report Share Posted July 8, 2004 No need to compile - sasl is included in the mdk postfix rpm. I have this working, but cannot really remember what I did (!!). I do however maintain a file I keep setup notes of all sorts in, so this extract may help, particularly the URL: #To enable relaying through isp (allow auth): echo auth.smtp.myisp.co.uk user:pass >> /etc/postfix/isp_auth (I made this filename up) #To hash passwd list do: postmap hash:/etc/postfix/isp_auth /etc/postfix/main.cf: (see /usr/share/doc/postfix/samples/sample-auth.cf) smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/isp_auth smtp_sasl_security_options = (blank. allows any auth. including plain text) See http://postfix.state-of-mind.de/patrick.koetter/smtpauth/ error message after upgrade from 9.1 - 10.0: (Authentication failed: cannot SASL authenticate to server auth.smtp.myisp.co.uk[xxx.xxx.xxx.xxx]: no mechanism available) Reinstalling cyrix-sasl fixed it Quote Link to comment Share on other sites More sharing options...
Guest sleepyhead Posted July 8, 2004 Report Share Posted July 8, 2004 Thanks for the post! It verified that I have the config correct, and that I don't need to compile a custom Postfix. In the how-to you linked, I learned that possibly I need to install seperate packages for each of the auth methods. However, urpmi was not finding any of the packages. So, I went over to http://urpmi.org/easyurpmi/ and used their tool to add contrib and external add-on sources, and then urpmi found packages for all auth methods. I installed libsasl2-plug-crammd5, and everything works fine now. Now, what would be the best option, route ALL uotgoing mail through Earthlink's MTA? Or, only do so for outgoing mail destined for domains that reject my mail due to DUN RBLs? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.