Just tried to authenticate. Here’s the log. Appears to be because my external IP address accessed via my router is not listed for hostname dsldevice.lan. How do I associate my external IP address with hostname dsldevice.lan?
Jan 11 18:04:59 ns1 postfix/smtpd[11021]: warning: xxx.xxx.xxx.xxx: address not listed for hostname dsldevice.lan
Jan 11 18:04:59 ns1 postfix/smtpd[11021]: connect from unknown[xxx.xxx.xxx.xxx]
Jan 11 18:05:05 ns1 postfix/smtpd[11021]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
Jan 11 18:05:05 ns1 postfix/smtpd[11021]: warning: SASL authentication failure: Password verification failed
Jan 11 18:05:05 ns1 postfix/smtpd[11021]: warning: unknown[xxx.xxx.xxx.xxx]: SASL PLAIN authentication failed: generic failure
Jan 11 18:05:05 ns1 postfix/smtpd[11021]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
Jan 11 18:05:05 ns1 postfix/smtpd[11021]: warning: unknown[xxx.xxx.xxx.xxx]: SASL LOGIN authentication failed: generic failure
Jan 11 18:05:06 ns1 postfix/smtpd[11021]: disconnect from unknown[xxx.xxx.xxx.xxx]
Yes, it works for sending email from the Thunderbird client, but on downloading email, it tries to connect to the server and times out after about 20 secs.
I expect that is a separate problem to the one above. I’ve got some 904 short email messages in the Inbox on the server; only a total of 1.64 MB.
I’m using the SSL option for the Thunderbird settings.
Well, I guess I’m not sure I understand the problem… if clients are timing out when trying to send you a message, I’m not sure it makes sense that the canyouseeme.org site thinks you’re online – in theory, that would timeout too.
What’s an example domain name you’re having trouble with? (you can always mask it out later after we resolve all this)
Have a look at example.uk. Thanks. As I said, using Thunderbird from another PC on the same network, I can SEND emails using the mail.example.uk smtp server, but I can’t receive (download) emails from the Inbox on this server. I CAN access the Inbox of this mailbox using Usermin web interface, but thats using a different method.
It was a silly error caused by not opening a port on my NAT router. By using the SSL (port 993) setting on Thunderbird, I was able to download my emails from the server.
However, I have been experimenting with the Thunderbird settings. It seems that it will not connect if I use the TLS (port 143) setting. Yes, the port is open on my router. In Postfix, it says that I have TLS enabled for the SMTP server??? I WAS able to connect and download using the SSL setting.
But now I’m unable to connect at all through Thunderbird. Says server will not allow me to connect. Is that a security feature caused by all my experimenting? How do I override it?
Hmm, well, port 143 is generally the plain text (and non-TLS) port. If Thunderbird is setup to use TLS for that port, unless there’s something non-typical setup on your server, I suspect that wouldn’t work.
If you disable TLS, and just use plain text to access port 143, does that work?
It may or may not be relevant, but I have the following under SMTP Server Options:
Restrictions on recipient addresses: permit_mynetworks permit_sasl_authenticated myorigin = $mydomain reject_unauth_destination
I’m not sure about the myorigin = $mydomain, because I am operating a virtual server environment with Virtualmin. I remember that myorigin = $mydomain had to be taken out of the Postfix main.cf file to get Postfix to work with the virtual servers.
Hi, after disabling TLS and deselecting TLS on the Thinderbird client, I get the following error from Thunderbird:
“You cannot login to mail.domain.co.uk because the server has disabled login. You may need to connect via SSL or TLS. Please check the account settings for your mail server.”
These are my settings in Postfix:
Module Index
SMTP Authentication And Encryption
SMTP Authentication And Encryption
Enable SASL SMTP authentication? Yes Handle non-compliant SMTP clients? Yes
SMTP security options
Reject anonymous logins Yes
Reject plain-text logins No
SMTP relaying restrictions
Allow connections from same network Yes
Allow connections from this system No
Reject clients with no reverse hostname NO
Allow authenticated clients Yes
Reject email to other domains Yes
Allow only relay domains No
Allow domains this system is a backup MX for No
Delay clients with failed logins? Yes
Enable TLS encryption? Yes
TLS certificate file Yes
TLS private key file Yes
TLS certificate authority file None