[solved] Sender address rejected: SMTP AUTH required. (in reply to RCPT TO command)

Hello SysAds,

This is my second day on trying to isolation my email issue with Virtualmin.

Here are the technical details so far,

  1. panel.digitalbeards.asia is my hostname.
  2. I ensured my SPF was not a problem, so I change this to, via Virtualmin DNS option digitalbeards.asia. 14399 IN TXT "v=spf1 a mx a:digitalbeards.asia a:panel.digitalbeards.asia mx:mail.digitalbeards.asia ip4: ip4: ip6:fe80::98f2:eff:fe86:1a4d all"

In addition to this, here is my full main.cf from postfix

See /usr/share/postfix/main.cf.dist for a commented, more complete version

Debian specific: Specifying a file name will cause the first

line of that file to be used as the name. The Debian default

is /etc/mailname.

#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

appending .domain is the MUA’s job.

append_dot_mydomain = no

Uncomment the next line to generate “delayed mail” warnings

#delay_warning_time = 4h

readme_directory = no

See http://www.postfix.org/COMPATIBILITY_README.html – default to 2 on

fresh installs.

compatibility_level = 2

TLS parameters

smtpd_tls_cert_file = /etc/postfix/postfix.cert.pem
smtpd_tls_key_file = /etc/postfix/postfix.key.pem
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for

information on enabling SSL in the smtp client.

smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = panel.digitalbeards.asia
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = $myhostname, panel.digitalbeards.asia, localhost.digitalbeards.asia, , localhost
mynetworks = [::ffff:]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
virtual_alias_maps = hash:/etc/postfix/virtual
sender_bcc_maps = hash:/etc/postfix/bcc
mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
home_mailbox = Maildir/
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination check_policy_service inet:
smtp_tls_security_level = dane
allow_percent_hack = no
smtpd_tls_CAfile = /etc/postfix/postfix.ca.pem
smtpd_tls_security_level = may
milter_default_action = accept
milter_protocol = 2
smtpd_milters = inet:localhost:8891,local:/var/run/milter-greylist/milter-greylist.sock
non_smtpd_milters = inet:localhost:8891,local:/var/run/milter-greylist/milter-greylist.sock

But still this returns,

This is the mail system at host panel.digitalbeards.asia.

I’m sorry to have to inform you that your message could not
be delivered to one or more recipients. It’s attached below.

For further assistance, please send mail to postmaster.

If you do so, please include this problem report. You can
delete your own text from the attached returned message.

               The mail system

me@kurtobando.com: host mail.cityescape.ph[] said: 554 5.7.1
root@panel.digitalbeards.asia: Sender address rejected: SMTP AUTH
required. (in reply to RCPT TO command)

Reporting-MTA: dns; panel.digitalbeards.asia
X-Postfix-Queue-ID: E8AB580083
X-Postfix-Sender: rfc822; root@panel.digitalbeards.asia
Arrival-Date: Wed, 22 May 2019 05:56:28 +0000 (UTC)

Final-Recipient: rfc822; me@kurtobando.com
Original-Recipient: rfc822;me@kurtobando.com
Action: failed
Status: 5.7.1
Remote-MTA: dns; mail.cityescape.ph
Diagnostic-Code: smtp; 554 5.7.1 root@panel.digitalbeards.asia: Sender
address rejected: SMTP AUTH required.

I checked the error logs, I do not see any pointers where to start:

May 24 14:04:34 panel postfix/smtp[30261]: DACAC80EE6: to=, relay=mail.cityescape.ph[]:25, delay=4.4, delays=0.05/0.01/2.7/1.6, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 4137AD0534) May 25 02:34:28 panel postfix/smtp[20086]: 0E4C280EC9: to=, relay=mail.cityescape.ph[]:25, delay=6.9, delays=0.06/0.02/6.8/0.04, dsn=5.7.1, status=bounced (host mail.cityescape.ph[] said: 554 5.7.1 : Sender address rejected: SMTP AUTH required. (in reply to RCPT TO command))

What bothers me most, outbound email is working for all my domains hosted in Virtualmin, except the domain used as hostname, which is hosted in the same server.

Which in fact, I have created a valid email, root@panel.digitalbeards.asia, and support@digitalbeards.asia, still returns Sender address rejected: SMTP AUTH required. (in reply to RCPT TO command) when sending an email to me@kurtobando.com

At this point, I am asking for help what settings did I miss on this setup? - considering I tried to follow TS steps here in https://www.virtualmin.com/documentation/email/troubleshooting, however, no luck at the moment.

Remove proxy in Cloudflare DNS. Worked.