[courier-users] AUTH_REQUIRED blocks inbound mail
This is a discussion on [courier-users] AUTH_REQUIRED blocks inbound mail within the Courier-Imap forums, part of the Mail Servers and Related category; --===============0873733978== Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable <!DOCTYPE html PUBLIC "-//W3C//DTD ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
07-20-2007
|
|||
|
|||
[courier-users] AUTH_REQUIRED blocks inbound mail
--===============0873733978==
Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <meta content=3D"text/html;charset=3DUTF-8" http-equiv=3D"Content-Type"= > <title></title> </head> <body bgcolor=3D"#ffffff" text=3D"#000000"> Hi<br> <br> I have a problem with courier... I'm new with this software and I'm installed a mailserver courier-based (courieresmtp, courier-imap, courier-pop, courier-webadmin).<br> <br> I have to configure a smtp with authentication on ldap. Then I configured /etc/courier/esmtpd in this way:<br> <br> AUTH_REQUIRED=3D"1"<br> ESMTPAUTH=3D"LOGIN"<br> <br> When I send a mail from my domain to other email-address with this smtp server (i tried with my thunderbird client) all's well: auth works fine.<= br> But if I send a mail with other smtp server to an address of my domain I have this error in /var/log/maillog<br> <br> <small>Jul 20 18:22:21 xxxxx courieresmtpd: started,ip=3D[::ffff:xx.xx.xx.xx]<br> Jul 20 18:22:21 xxxxx courieresmtpd: error,relay=3D::ffff:xx.xx.xx.xx,msg=3D"535 Authentication required.",cmd= : MAIL FROM:<a class=3D"moz-txt-link-rfc2396E" href=3D"mailto:xxxxxxxx@xxxx= xxx.com"><xxxxxxxx@xxxxxxx.com></a> SIZE=3D577<br> Jul 20 18:22:29 xxxxx courieresmtpd: error,relay=3D::ffff:xx.xx.xx.xx,msg=3D"535 Authentication required.",cmd= : RCPT TO:<a class=3D"moz-txt-link-rfc2396E" href=3D"mailto:xxxxxx@mydomain= =2Ecom"><xxxxxx@mydomain.com></a><br> Jul 20 18:22:45 xxxxx courieresmtpd: error,relay=3D::ffff:xx.xx.xx.xx,msg=3D"535 Authentication required.",cmd= : DATA<br> <br> <big>and I don't know why.<br> <br> If I set AUTH_REQUIRED=3D"0" in /etc/courier/esmtpd all works fine.<br> <br> Anyone can help me? I've searched in google but I didn't find anythings helps me<br> <br> Thanx in advance<br> <br> Daniele<br> <br> This is my /etc/courier/esmtpd:<br> <br> <small>##VERSION: $Id: esmtpd.dist.in,v 1.23 2007/06/23 11:55:08 mrsam Exp $<br> #<br> #<br> # esmtpd created from esmtpd.dist by sysconftool<br> #<br> # Do not alter lines that begin with ##, they are used when upgrading<br>= # this configuration.<br> #<br> #=C2=A0 Copyright 1998 - 2004 Double Precision, Inc.=C2=A0 See COPYING fo= r<br> #=C2=A0 distribution information.<br> #<br> #=C2=A0 This configuration file sets various options for Courier's esmtpd= server.<br> #=C2=A0 It is started by couriertcpd, Courier's TCP server.<br> #=C2=A0 A lot of the stuff here is documented in the manual page for couriertcpd.<br> <br> ##NAME: PATH:0<br> #<br> #=C2=A0 Specify the default PATH that everything inherits.<br> <br> PATH=3D/usr/lib/courier/bin:/bin:/usr/bin:/usr/local/bin<br> <br> ##NAME: SHELL:0<br> #<br> #=C2=A0 The default shell<br> <br> SHELL=3D/bin/sh<br> <br> ##NAME: ULIMIT:0<br> #<br> #=C2=A0 Sets the maximum size of courieresmtpd's data segment<br> #<br> <br> ULIMIT=3D16384<br> <br> ##NAME: BOFHCHECKDNS:0<br> #<br> #=C2=A0 Comment out the following line in order to accept mail with a bad= <br> #=C2=A0 return address.<br> <br> BOFHCHECKDNS=3D"0"<br> <br> ##NAME: BOFHNOEXPN:1<br> #<br> #=C2=A0 Set BOFHNOEXP to 1 to disable EXPN<br> <br> BOFHNOEXPN=3D0<br> <br> ##NAME: BOFHNOVRFY:1<br> #<br> #=C2=A0 Set BOFHNOVERIFY to disable VRFY<br> <br> BOFHNOVRFY=3D0<br> <br> ##NAME: NOADDMSGID:0<br> #<br> #=C2=A0 The following environment variables keep Courier from adding<br> #=C2=A0 default Date: and Message-ID: header to messages which do not hav= e them.<br> #=C2=A0 If you would like to add default headers only for mail from certa= in<br> #=C2=A0 IP address ranges, you can override them in couriertcpd access fi= le,<br> #=C2=A0 see couriertcpd(8).<br> <br> NOADDMSGID=3D"0"<br> <br> ##NAME: NOADDDATE:0<br> #<br> <br> NOADDDATE=3D"0"<br> <br> ##NAME: ESMTP_LOG_DIALOG:0<br> #<br> #=C2=A0 If set, log the esmtp dialog.<br> <br> ESMTP_LOG_DIALOG=3D0<br> <br> ##NAME: AUTH_REQUIRED:0<br> #<br> # Set AUTH_REQUIRED to 1 in order to force the client to use ESMTP<br> # authentication.=C2=A0 You can override AUTH_REQUIRED on a per-IP addres= s basis<br> # using smtpaccess.=C2=A0 See makesmtpaccess(8).<br> <br> AUTH_REQUIRED=3D"1"<br> <br> ################################################## #######################= <br> #<br> ##NAME: COURIERTLS:0<br> #<br> # The following variables configure ESMTP STARTTLS.=C2=A0 If OpenSSL is available<br> # during configuration, the couriertls helper gets compiled, and upon<br>= # installation a dummy TLS_CERTFILE gets generated.=C2=A0 courieresmtpd w= ill<br> # automatically advertise the ESMTP STARTTLS extension if both TLS_CERTFILE<br> # and COURIERTLS exist.<br> #<br> # WARNING: Peer certificate verification has NOT yet been tested.=C2=A0 Proceed<br> # at your own risk.=C2=A0 Only the basic SSL/TLS functionality is known t= o be<br> # working. Keep this in mind as you play with the following variables.<br= > <br> COURIERTLS=3D/usr/lib/courier/bin/couriertls<br> <br> ##NAME: ESMTP_TLS_REQUIRED:0<br> #<br> # Set ESMTP_TLS_REQUIRED to 1 if you REQUIRE SSL/TLS to be used for receiving<br> # mail.=C2=A0 Setting it here will require it for every connection.=C2=A0= You can also<br> # set ESMTP_TLS_REQUIRED in the smtpaccess file, see makesmtpaccess(8) for<br> # more information<br> #<br> # ESMTP_TLS_REQUIRED=3D1<br> <br> ##NAME: TLS_PROTOCOL:0<br> #<br> #<br> # TLS_PROTOCOL sets the protocol version.=C2=A0 The possible versions are= :<br> #<br> # SSL2 - SSLv2<br> # SSL3 - SSLv3<br> # TLS1 - TLS1<br> <br> TLS_PROTOCOL=3DSSL23<br> <br> ##NAME: TLS_CIPHER_LIST:0<br> #<br> # TLS_CIPHER_LIST optionally sets the list of ciphers to be used by the<b= r> # OpenSSL library.=C2=A0 In most situations you can leave TLS_CIPHER_LIST= <br> # undefined<br> #<br> # TLS_CIPHER_LIST=3D"ALL:!ADH:RC4+RSA:+SSLv2:@STRENG TH"<br> <br> # TLS_TIMEOUT is currently not implemented, and reserved for future use.<= br> # This is supposed to be an inactivity timeout, but its not yet implemented.<br> <br> ##NAME: TLS_DHCERTFILE:0<br> #<br> # TLS_DHCERTFILE - PEM file that stores our Diffie-Hellman cipher pair.<b= r> # When OpenSSL is compiled to use Diffie-Hellman ciphers instead of RSA<b= r> # you must generate a DH pair that will be used.=C2=A0 In most situations= the<br> # DH pair is to be treated as confidential, and the file specified by<br>= # TLS_DHCERTFILE must not be world-readable.<br> #<br> # TLS_DHCERTFILE=3D<br> <br> ##NAME: TLS_CERTFILE:0<br> #<br> # TLS_CERTFILE - certificate to use.=C2=A0 TLS_CERTFILE is required for SSL/TLS<br> # servers, and is optional for SSL/TLS clients.=C2=A0 TLS_CERTFILE is usu= ally<br> # treated as confidential, and must not be world-readable.<br> #<br> TLS_CERTFILE=3D/usr/lib/courier/share/esmtpd.pem<br> <br> ##NAME: TLS_CERTINFO:0<br> #<br> # TLS_PEERCERTDIR, TLS_OURCACERT - when it is required that all peer<br> # certificates are signed by specific certificate authorities, set<br> # TLS_OURCACERT to the name of the file containing the certificate root keys,<br> # or set TLS_PEERCERTDIR to the name of the directory containing<br> # the certificate root keys.<br> #<br> # For convenience's sake, Courier installs a default set of root certificates<br> # (which has been swiped from Mozilla's CVS tree :-) ).=C2=A0 Before enab= ling<br> # certificate verification, you should examine all the certificates in the<br> # following directory.=C2=A0 ANY certificate signed by ANY root cert in<b= r> # TLS_PEERCERTDIR will be accepted<br> #<br> # TLS_PEERCERTDIR=3D/usr/lib/courier/share/rootcerts<br> # TLS_OURCACERT=3D<br> <br> ##NAME: TLS_VERIFYPEER:0<br> #<br> # TLS_VERIFYPEER - how to verify peer certificates.=C2=A0 The possible values of<br> # this setting are:<br> #<br> # NONE - do not verify anything<br> #<br> # PEER - verify the peer certificate, if one's presented<br> #<br> # REQUIREPEER - require a peer certificate, fail if one's not presented<b= r> #<br> # SSL/TLS servers will usually set TLS_VERIFYPEER to NONE.=C2=A0 SSL/TLS clients<br> # will usually set TLS_VERIFYPEER to REQUIREPEER.<br> #<br> TLS_VERIFYPEER=3DNONE<br> <br> <br> ##NAME: MAILUSERGROUP:0<br> #<br> #=C2=A0 Mail user and group<br> <br> MAILUSER=3Ddaemon<br> MAILGROUP=3Ddaemon<br> <br> ##NAME: ADDRESS:0<br> #<br> #=C2=A0 Address to listen on, can be set to a single IP address.<br> #<br> #ADDRESS=3D127.0.0.1<br> ADDRESS=3D0<br> <br> ##NAME: PORT:1<br> #<br> #=C2=A0 PORT specified the port number to listen on.=C2=A0 The standard "= smtp" port<br> #=C2=A0 is port 25.<br> #<br> #=C2=A0 Multiple port numbers can be separated by commas.=C2=A0 When mult= iple port<br> #=C2=A0 numbers are used it is possibly to select a specific IP address f= or a<br> #=C2=A0 given port as "ip.port".=C2=A0 For example, "127.0.0.1.900,192.68= =2E0.1.900"<br> #=C2=A0 accepts connections on port 900 on IP addresses 127.0.0.1 and 192.68.0.1<br> #=C2=A0 The ADDRESS setting, if given, is a default for ports that do not= have<br> #=C2=A0 a specified IP address.<br> <br> PORT=3D25<br> <br> ##NAME: BLACKLISTS:1<br> #<br> #=C2=A0 Blacklists we query.<br> #<br> #=C2=A0 The BLOCK environment variable is automatically enforced by submi= t.<br> #=C2=A0 Nobody really does anything about BLOCK2, this is mainly for use = by<br> #=C2=A0 plug-in mail filters.=C2=A0 If you want Courier to unilaterally b= lock<br> #=C2=A0 mail from IP addresses listed by Spamhaus or CBL, and you have a separate<br> #=C2=A0 localmailfilter that keys off BLOCK2, uncomment the following.=C2= =A0 If you want<br> #=C2=A0 to unilaterally block everything listed by Spamhaus or CBL, just replace<br> #=C2=A0 BLOCK2 with BLOCK.<br> #<br> # BLACKLISTS=3D'-block=3Dzen.spamhaus.org,BLOCK2 -block=3Dcbl.abuseat.org,BLOCK2'<br> <br> BLACKLISTS=3D""<br> <br> ##NAME: ACCESSFILE:1<br> #<br> #=C2=A0 Access file: $ACCESSFILE - plain text file/dir, $ACCESSFILE.dat -= compiled<br> #=C2=A0 database.<br> #<br> <br> ACCESSFILE=3D${sysconfdir}/smtpaccess<br> <br> ##NAME: MAXDAEMONS:0<br> #<br> #=C2=A0 Maximum number of daemons started<br> #<br> <br> MAXDAEMONS=3D"40"<br> <br> ##NAME: MAXPERC:0<br> #<br> #=C2=A0 Maximum number of connections accepted from the same C address bl= ock<br> #<br> <br> MAXPERC=3D"20"<br> <br> ##NAME: MAXPERID:0<br> #<br> #<br> #=C2=A0 Maximum number of connections accepted from the same IP address<b= r> <br> MAXPERIP=3D"10"<br> <br> ##NAME: PIDFILE:0<br> #<br> #=C2=A0 File where couriertcpd will save its process ID<br> #<br> <br> PIDFILE=3D/var/spool/courier/tmp/esmtpd.pid<br> <br> ##NAME: TCPDOPTS:3<br> #<br> # TCPDOPTS can contain other couriertcpd options, such as<br> # -nodnslookup and -noidentlookup.<br> #<br> <br> TCPDOPTS=3D"-stderrlogger=3D/usr/sbin/courierlogger -nodnslookup -noidentlookup"<br> #TCPDOPTS=3D"-stderrlogger=3D/usr/sbin/courierlogger"<br> <br> ##NAME: ESMTPAUTH:4<br> #<br> # To enable authenticated SMTP relaying, uncomment the ESMTPAUTH setting,<br> # below, and set it to ESMTP authentication mechanisms we support.=C2=A0 Currently<br> # LOGIN and CRAM-MD5 are available:<br> #<br> # ESMTPAUTH=3D"LOGIN CRAM-MD5"<br> #<br> # You can also try PLAIN, CRAM-SHA1, and CRAM-SHA256.=C2=A0 See INSTALL f= or more<br> # information.<br> #<br> <br> ESMTPAUTH=3D"LOGIN"<br> <br> ##NAME: ESMTPAUTH_WEBADMIN:5<br> #<br> # ESMTPAUTH_WEBADMIN is used by the webadmin module<br> #<br> # Don't touch this setting.<br> <br> ESMTPAUTH_WEBADMIN=3D"LOGIN CRAM-MD5 CRAM-SHA1 CRAM-SHA256"<br> <br> ##NAME: ESMTPAUTHINFOTLS:3<br> #<br> # To enable SASL PLAIN authentication when using TLS, uncomment the following.<br> # To enable SASL PLAIN with or without TLS, just add PLAIN to ESMTPAUTH,<= br> # above:<br> #<br> # ESMTPAUTH_TLS=3D"PLAIN LOGIN CRAM-MD5"<br> #<br> # ESMTPAUTH_TLS_WEBADMIN is used by the webadmin module<br> <br> ESMTPAUTH_TLS=3D"PLAIN LOGIN"<br> <br> ##NAME: ESMTPAUTH_TLS_WEBADMIN:5<br> <br> ESMTPAUTH_TLS_WEBADMIN=3D"PLAIN LOGIN CRAM-MD5 CRAM-SHA1 CRAM-SHA256"<br>= <br> ##NAME: ESMTPDSTART:0<br> #<br> # ESMTPDSTART is not referenced anywhere in the standard Courier programs<br> # or scripts.=C2=A0 Rather, this is a convenient flag to be read by your system<br> # startup script in /etc/rc.d, like this:<br> #<br> #=C2=A0 prefix=3D/usr/lib/courier<br> #=C2=A0 exec_prefix=3D/usr/lib/courier<br> #=C2=A0 . ${sysconfdir}/esmtpd<br> #=C2=A0 case x$ESMTPDSTART in<br> #=C2=A0 x[yY]*)<br> #=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 /usr/lib/courier/sbin/esmtpd = start<br> #=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 ;;<br> #=C2=A0 esac<br> #<br> # The default setting is going to be NO, until Courier is shipped by default<br> # with enough platforms so that people get annoyed with having to flip it to<br> # YES every time.<br> <br> ESMTPDSTART=3D"YES"<br> </small></big></small><br> <div class=3D"moz-signature">-- <br> <font face=3D"serif"><font style=3D"font-size: 11pt;" size=3D"3">Daniele Piaggesi</font></font><br> <font face=3D"serif"><font style=3D"font-size: 11pt;" size=3D"3">--------= ---------------</font></font><br> <font face=3D"serif"><font style=3D"font-size: 11pt;" size=3D"3">System Administrator</font></font><br> <font face=3D"serif"><font style=3D"font-size: 11pt;" size=3D"3">Pronetic= s s.p.a.</font></font><br> <font face=3D"serif"><font style=3D"font-size: 11pt;" size=3D"3">Via E. L= =2E Cerva 127/C</font></font><br> <font face=3D"serif"><font style=3D"font-size: 11pt;" size=3D"3">Tel.=C2=A0= =C2=A0=C2=A0=C2=A0+39.06.51530849</font></font><br> <font face=3D"serif"><font style=3D"font-size: 11pt;" size=3D"3">Mob.=C2=A0= =C2=A0+39.328.6176226</font></font><br> </div> </body> </html> --===============0873733978== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ --===============0873733978== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/.../courier-users --===============0873733978==-- 
|
Linear Mode
