0

I am adding a Postfix /dovecot mail server in Outlook 2016.

It works on my phone and I can successfully authenticate using:

doveadm auth test user pass

postconf -n

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
allow_percent_hack = no
append_dot_mydomain = no
biff = no
compatibility_level = 2
home_mailbox = Maildir/
inet_interfaces = all
inet_protocols = all
mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
mailbox_size_limit = 0
milter_default_action = accept
milter_protocol = 6
mydestination = $myhostname, [redacted.com], localhost.[redacted.com], localhost
myhostname = [redacted.com]
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
myorigin = /etc/mailname
non_smtpd_milters = inet:127.0.0.1:8891
readme_directory = no
recipient_delimiter = +
sender_bcc_maps = hash:/etc/postfix/bcc
smtp_sasl_auth_enable = yes
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_helo_required = yes
smtpd_milters = inet:127.0.0.1:8891
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous noplaintext
smtpd_sasl_type = dovecot
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_security_level = encrypt
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
virtual_alias_maps = hash:/etc/postfix/virtual

And here some logs:

postfix/smtpd[564116]: connect from unknown[[redacted-remote-ip]]
dovecot[553509]: auth: Debug: Loading modules from directory: /usr/lib/dovecot/modules/auth
dovecot[553509]: auth: Debug: Module loaded: /usr/lib/dovecot/modules/auth/lib20_auth_var_expand_crypt.so
dovecot[553509]: auth: Debug: Read auth token secret from /run/dovecot/auth-token-secret.dat
dovecot[553509]: auth: Debug: auth client connected (pid=564118)
postfix/smtpd[564116]: fatal: no SASL authentication mechanisms
dovecot[553509]: auth: Debug: auth client connected (pid=0)
postfix/master[458072]: warning: process /usr/lib/postfix/sbin/smtpd pid 564116 exit status 1
postfix/master[458072]: warning: /usr/lib/postfix/sbin/smtpd: bad command startup -- throttling
dovecot[553509]: auth: Debug: auth client connected (pid=564121)
dovecot[553509]: imap-login: Disconnected: Connection closed: read(size=638) failed: Connection reset by peer (no auth attempts in 3 secs): user=<>, rip=[redacted-remote-ip], lip=[redacted-server-ip], TLS: read(size=638) failed: Connection reset by peer, session=<LmyPUNUWjx00fYwN>
dovecot[553509]: imap-login: Disconnected: Connection closed: read(size=638) failed: Connection reset by peer (no auth attempts in 9 secs): user=<>, rip=[redacted-remote-ip], lip=[redacted-server-ip], TLS: read(size=638) failed: Connection reset by peer, session=<tvYbUdUWmCU0fYwN>
dovecot[553509]: auth: Debug: auth client connected (pid=564124)
dovecot[553509]: auth: Debug: client in: AUTH        1        PLAIN        service=imap        secured=tls        session=BLznUtUW/580YtOF        lip=[redacted-server-ip]        rip=[redacted-remote-ip]        lport=993        rport=40959        local_name=[redacted-domain]        resp=[redacted-base64] (previous base64 data may contain sensitive data)
dovecot[553509]: auth: Debug: pam([redacted-user],[redacted-remote-ip],[redacted-session-id]): Performing passdb lookup
dovecot[553509]: auth-worker(564125): Debug: Loading modules from directory: /usr/lib/dovecot/modules/auth
dovecot[553509]: auth-worker(564125): Debug: Module loaded: /usr/lib/dovecot/modules/auth/lib20_auth_var_expand_crypt.so
dovecot[553509]: auth-worker(564125): Debug: conn unix:auth-worker (pid=564119,uid=113): Server accepted connection (fd=13)
dovecot[553509]: auth-worker(564125): Debug: conn unix:auth-worker (pid=564119,uid=113): Sending version handshake
dovecot[553509]: auth-worker(564125): Debug: conn unix:auth-worker (pid=564119,uid=113): auth-worker<1>: Handling PASSV request
dovecot[553509]: auth-worker(564125): Debug: conn unix:auth-worker (pid=564119,uid=113): auth-worker<1>: pam([redacted-user],[redacted-remote-ip],[redacted-session-id]): Performing passdb lookup
dovecot[553509]: auth-worker(564125): Debug: conn unix:auth-worker (pid=564119,uid=113): auth-worker<1>: pam([redacted-user],[redacted-remote-ip],[redacted-session-id]): lookup service=dovecot
dovecot[553509]: auth-worker(564125): Debug: conn unix:auth-worker (pid=564119,uid=113): auth-worker<1>: pam([redacted-user],[redacted-remote-ip],[redacted-session-id]): #1/1 style=1 msg=Password:
dovecot[553509]: auth-worker(564125): Debug: conn unix:auth-worker (pid=564119,uid=113): auth-worker<1>: pam([redacted-user],[redacted-remote-ip],[redacted-session-id]): Finished passdb lookup
dovecot[553509]: auth-worker(564125): Debug: conn unix:auth-worker (pid=564119,uid=113): auth-worker<1>: Finished
dovecot[553509]: auth: Debug: pam([redacted-user],[redacted-remote-ip],[redacted-session-id]): Finished passdb lookup
dovecot[553509]: auth: Debug: auth([redacted-user],[redacted-remote-ip],[redacted-session-id]): Auth request finished
dovecot[553509]: auth: Debug: client passdb out: OK        1        user=[redacted-user]                original_user=[redacted-user]@[redacted-domain]
dovecot[553509]: auth: Debug: master in: REQUEST        178126849        564124        1        123123        session_pid=564126        request_auth_token
dovecot[553509]: auth: Debug: passwd([redacted-user],[redacted-remote-ip],[redacted-session-id]): Performing userdb lookup
dovecot[553509]: auth-worker(564125): Debug: conn unix:auth-worker (pid=564119,uid=113): auth-worker<2>: Handling USER request
dovecot[553509]: auth-worker(564125): Debug: conn unix:auth-worker (pid=564119,uid=113): auth-worker<2>: passwd([redacted-user],[redacted-remote-ip],[redacted-session-id]): Performing userdb lookup
dovecot[553509]: auth-worker(564125): Debug: conn unix:auth-worker (pid=564119,uid=113): auth-worker<2>: passwd([redacted-user],[redacted-remote-ip],[redacted-session-id]): lookup
dovecot[553509]: auth-worker(564125): Debug: conn unix:auth-worker (pid=564119,uid=113): auth-worker<2>: passwd([redacted-user],[redacted-remote-ip],[redacted-session-id]): Finished userdb lookup
dovecot[553509]: auth-worker(564125): Debug: conn unix:auth-worker (pid=564119,uid=113): auth-worker<2>: Finished
dovecot[553509]: auth: Debug: passwd([redacted-user],[redacted-remote-ip],[redacted-session-id]): Finished userdb lookup
dovecot[553509]: auth: Debug: master userdb out: USER        178126849        [redacted-user]        system_groups_user=[redacted-user]        uid=1000        gid=1000        home=/home/[redacted-user]        auth_mech=PLAIN        auth_token=[redacted-auth-token]        auth_user=[redacted-user]@[redacted-domain]
dovecot[553509]: imap-login: Login: user=<[redacted-user]>, method=PLAIN, rip=[redacted-remote-ip], lip=[redacted-server-ip], mpid=564126, TLS, session=[redacted-session-id]
postfix/smtpd[564127]: connect from unknown[[redacted-remote-ip]]
postfix/smtpd[564127]: lost connection after CONNECT from unknown[[redacted-remote-ip]]
postfix/smtpd[564127]: disconnect from unknown[[redacted-remote-ip]] commands=0/0
postfix/smtpd[564127]: connect from unknown[[redacted-remote-ip]]
dovecot[553509]: auth: Debug: auth client connected (pid=0)
postfix/smtpd[564127]: fatal: no SASL authentication mechanisms
dovecot[553509]: imap([redacted-user])<564126>[redacted-session-id]: Disconnected: Logged out in=63 out=1015 deleted=0 expunged=0 trashed=0 hdr_count=0 hdr_bytes=0 body_count=0 body_bytes=0
postfix/master[458072]: warning: process /usr/lib/postfix/sbin/smtpd pid 564127 exit status 1
2
  • A timeout usually indicates a firewall issue. If it works on another device it's most probably not a problem on the server, but rather on the client. Check if outgoing ports are blocked somewhere (Port 25 is a good candidate for that). Commented Apr 24 at 11:52
  • I am using ufw with some open ports like 25, 993, 587. While trying to connect through outlook i am using port 587 using STARTTLS. This works faster, but still no success. I think the line "fatal: no SASL authentication mechanisms " might be the issue. telnet on port 25 works
    – Slenti
    Commented Apr 24 at 11:57

1 Answer 1

0

I have finally got it to work. Here are the changes that I made:

/etc/postfix/main.cf

queue_directory = /var/spool/postfix
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_sasl_auth_enable = yes
smtpd_tls_auth_only = yes
#smtpd_sasl_security_options = noanonymous noplaintext

It only works, if I comment out smtpd_sasl_security_options = noanonymous noplaintext.

Is this config ok or do you have any suggestions for the use of the security options?

1

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .