| View previous topic :: View next topic |
| Author |
Message |
mariourk
l33t
Joined: 11 Jul 2003
Posts: 807
Location: Urk, Netherlands
|
 Posted: Mon Jul 16, 2007 9:33 am Post subject: smtp authentication does not work with outlook [solved] |
 |
|
I have been following this howto to get smtp authentication working with Cyrus-sasl.
This allows me to send emails through my mailserver, even if I'm somewhere else.
The problem is that it doesn't work with outlook. Evolution and Thunderbird go fine,
but outlook refuses to authenticate. I configured the outgoing mail settings in outlook
the authenticate (using TLS) with the smtp-server. But when I try to send an email,
I get a relay access denied error, because outlook does not authenticate.
Does someone have experience with this (very strange) problem? 
_________________
If there is one thing to learn from history, it's that we usualy don't learn anything from it, at all.
Last edited by mariourk on Mon Jul 23, 2007 12:52 pm; edited 1 time in total |
|
| Back to top |
|
 |
magic919
Advocate
Joined: 17 Jun 2005
Posts: 2182
Location: Berkshire, UK
|
| Posted: Mon Jul 16, 2007 10:22 am Post subject: |
|
|
| Might be worth breaking it down a bit. Can you just smtp-auth without the TLS? |
|
| Back to top |
|
|
mariourk
l33t
Joined: 11 Jul 2003
Posts: 807
Location: Urk, Netherlands
|
| Posted: Mon Jul 16, 2007 10:39 am Post subject: |
|
|
Without TLS, outlook still does't authenticate.
_________________
If there is one thing to learn from history, it's that we usualy don't learn anything from it, at all. |
|
| Back to top |
|
|
magic919
Advocate
Joined: 17 Jun 2005
Posts: 2182
Location: Berkshire, UK
|
| Posted: Mon Jul 16, 2007 10:51 am Post subject: |
|
|
| When you telnet to port 25 and give it an EHLO do you get all the smtp-auth options? |
|
| Back to top |
|
|
schally
Apprentice
Joined: 13 May 2004
Posts: 207
|
| Posted: Mon Jul 16, 2007 11:38 am Post subject: Re: smtp authentication does not work with outlook |
|
|
| mariourk wrote: |
...because outlook does not authenticate...
|
why do you use outlook anyway when thunderbird is doing fine?
_________________
Our glory is not in never falling but in rising again every time we fall -Konfuzius
greetz
- schally |
|
| Back to top |
|
|
mariourk
l33t
Joined: 11 Jul 2003
Posts: 807
Location: Urk, Netherlands
|
| Posted: Mon Jul 16, 2007 12:35 pm Post subject: |
|
|
| Quote: |
why do you use outlook anyway when thunderbird is doing fine?
|
Ah, that is a very good question 
The server I'm referring to, is the mailserver of our company.
I'm using Evolution myself. And when I'm working in a windows environment
(sometimes it cannot be avoided...  ) I use Thunderbird. So far , so good.
Unfortunately most of the users here, use Outlook for their email. In this case,
the laptop users, it's all of them, who use outlook. So...
If it was up to me, I would have abandoned windows a long time ago.
Unfortunately, this is easier said than done. 
_________________
If there is one thing to learn from history, it's that we usualy don't learn anything from it, at all. |
|
| Back to top |
|
|
schally
Apprentice
Joined: 13 May 2004
Posts: 207
|
| Posted: Mon Jul 16, 2007 12:56 pm Post subject: |
|
|
hm,... why you don't make the first step and bann outlock/outlook??
_________________
Our glory is not in never falling but in rising again every time we fall -Konfuzius
greetz
- schally |
|
| Back to top |
|
|
elgato319
Guru
Joined: 15 Sep 2005
Posts: 546
|
| Posted: Mon Jul 16, 2007 7:37 pm Post subject: |
|
|
main.cf:
debug_peer_level = 5
debug_peer_list = 10.x.x.x (ip from the outlook client)
if the outlook client connects again you should see more output in your logfiles. |
|
| Back to top |
|
|
mariourk
l33t
Joined: 11 Jul 2003
Posts: 807
Location: Urk, Netherlands
|
| Posted: Mon Jul 23, 2007 9:05 am Post subject: |
|
|
Sorry for the late respons, I've been busy this weekend.
I've used your advise to get some more detailed info from the logs.
There is a difference between outlook and Evolution. But I can't figure out
why there is a difference. Here is the output from the logs.
Download the logfile from outlook here
Download the logfile from Evolution here
I noticed a difference at the beginning of the logs
Outlook
| Code: |
Jul 23 10:02:19 mail postfix/smtpd[32585]: > uk-dd61.mxs.adsl.euronet.nl[81.68.251.97]: 250-STARTTLS
Jul 23 10:02:19 mail postfix/smtpd[32585]: > uk-dd61.mxs.adsl.euronet.nl[81.68.251.97]: 250-ENHANCEDSTATUSCODES
Jul 23 10:02:19 mail postfix/smtpd[32585]: > uk-dd61.mxs.adsl.euronet.nl[81.68.251.97]: 250-8BITMIME
Jul 23 10:02:19 mail postfix/smtpd[32585]: > uk-dd61.mxs.adsl.euronet.nl[81.68.251.97]: 250 DSN
Jul 23 10:02:19 mail postfix/smtpd[32585]: watchdog_pat: 0x80cb610
Jul 23 10:02:19 mail postfix/smtpd[32585]: vstream_fflush_some: fd 18 flush 133
Jul 23 10:02:19 mail postfix/smtpd[32585]: vstream_buf_get_ready: fd 18 got 36
Jul 23 10:02:19 mail postfix/smtpd[32585]: < uk-dd61.mxs.adsl.euronet.nl[81.68.251.97]: MAIL FROM: <mario@famtennapel.com>
|
Evolution
| Code: |
Jul 23 10:07:00 mail postfix/smtpd[32605]: > uk-dd61.mxs.adsl.euronet.nl[81.68.251.97]: 250-STARTTLS
Jul 23 10:07:00 mail postfix/smtpd[32605]: > uk-dd61.mxs.adsl.euronet.nl[81.68.251.97]: 250-ENHANCEDSTATUSCODES
Jul 23 10:07:00 mail postfix/smtpd[32605]: > uk-dd61.mxs.adsl.euronet.nl[81.68.251.97]: 250-8BITMIME
Jul 23 10:07:00 mail postfix/smtpd[32605]: > uk-dd61.mxs.adsl.euronet.nl[81.68.251.97]: 250 DSN
Jul 23 10:07:00 mail postfix/smtpd[32605]: watchdog_pat: 0x80cb610
Jul 23 10:07:00 mail postfix/smtpd[32605]: vstream_fflush_some: fd 18 flush 133
Jul 23 10:07:00 mail postfix/smtpd[32605]: vstream_buf_get_ready: fd 18 got 10
Jul 23 10:07:00 mail postfix/smtpd[32605]: < uk-dd61.mxs.adsl.euronet.nl[81.68.251.97]: STARTTLS
Jul 23 10:07:00 mail postfix/smtpd[32605]: > uk-dd61.mxs.adsl.euronet.nl[81.68.251.97]: 220 2.0.0 Ready to start TLS
|
However, I couldn't figure out why there is a difference.
I hope someone can shed some light on this.
_________________
If there is one thing to learn from history, it's that we usualy don't learn anything from it, at all. |
|
| Back to top |
|
|
mariourk
l33t
Joined: 11 Jul 2003
Posts: 807
Location: Urk, Netherlands
|
| Posted: Mon Jul 23, 2007 12:47 pm Post subject: |
|
|
I think I solved the problem. In outlook I had to enable to use SSL when contacting the SMTP-server.
I tried this before, but that led to another problem. The email returned with this error:
| Code: |
504 5.5.2 <mario>: Helo command rejected: need fully-qualified hostname
|
It turned out this was caused by my postfix configuration in /etc/postfix/main.cf
I had to edit the smtpd_recipient_restrictions option and move permit_mynetworks and
permit_sasl_authenticated to the top of the list. (well, almost the top) It now looks like this:
| Code: |
smtpd_recipient_restrictions =
check_client_access hash:/etc/postfix/helo_client_exceptions,
check_sender_access hash:/etc/postfix/sender_checks,
permit_mynetworks,
permit_sasl_authenticated,
reject_invalid_hostname,
reject_non_fqdn_hostname,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unknown_sender_domain,
reject_unknown_recipient_domain,
reject_unauth_destination,
check_policy_service inet:127.0.0.1:10030
|
I hope this will help someone. 
_________________
If there is one thing to learn from history, it's that we usualy don't learn anything from it, at all. |
|
| Back to top |
|
|
Mr.C.
n00b
Joined: 25 Feb 2007
Posts: 35
|
| Posted: Mon Jul 23, 2007 5:24 pm Post subject: |
|
|
Make sure that both files listed here:
| Code: | check_client_access hash:/etc/postfix/helo_client_exceptions,
check_sender_access hash:/etc/postfix/sender_checks, |
do *not* have OK results listed, or you have created an open relay.
MrC |
|
| Back to top |
|
|
mariourk
l33t
Joined: 11 Jul 2003
Posts: 807
Location: Urk, Netherlands
|
| Posted: Tue Jul 24, 2007 9:44 am Post subject: |
|
|
I will keep an eye on it. Thank you for pointing it out
_________________
If there is one thing to learn from history, it's that we usualy don't learn anything from it, at all. |
|
| Back to top |
|
|
|
Networking & Security
