Mailinglist Archive: opensuse (3468 mails)
| < Previous | Next > |
Re: [opensuse] Can't make postfix to atutenficate to my ISP.
- From: Sandy Drobic <suse-linux-e@xxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 17 Apr 2007 17:27:59 +0200
- Message-id: <4624E77F.4040507@xxxxxxxxxxxxxxxxxxxxxxx>
Carlos E. R. wrote:
>> What is your version (postconf mail_version)?
>
> nimrodel:/etc/postfix # postconf mail_version
> mail_version = 2.3.2
>
> The one that comes with suse 10.2.
>
>>> But, first try, doesn't work. I created the "ehlo_discard_words" file
>>> using the isp name instead of the IP, but it is still using AUTH
>>> DIGEST-MD5.
>> Sorry, no joy, you have to use the ip address. :-((
>
> Good grief! My ISp can choose to change it's IP any time.
>
> Ffff... ok, I'll leave it as:
>
> 213.4.149.66 digest-md5
>
> (only line in the file)
>
> but it is ignored:
>
>
> : maps_find: smtpd_discard_ehlo_keyword_address_maps: hash:/etc/postfix/ehlo_discard_words(0,lock): 213.4.149.66 = digest-md5
> ...
> : smtp_sasl_authenticate: smtp.telefonica.net[213.4.149.66]: SASL mechanisms LOGIN LOGIN CRAM-MD5 DIGEST-MD5
> : > smtp.telefonica.net[213.4.149.66]: AUTH DIGEST-MD5
>
> That feature certainly doesn't work. It is detected, it matches, but
> doesn't work, insisting in using DIGEST-MD5. Yes, I have tried both lower
> and upper case.
>
>
> Per G.T.Smith sugestion, I tried:
>
> smtp_sasl_security_options = cram-md5
> smtp_sasl_tls_security_options = $smtp_sasl_security_options
No, you should only set
smtp_sasl_security_option = noanonymous
If possible, you could add "noplaintext"
This would demand, that only digest-md5 or cram-md5 will be used.
In the meantime, I had a closer look at the conversation. digest-md5 is
not a keyword in the capabilities, so we can't use it to discard that option.
Please try:
smtp_sasl_mechanism_filter = cram-md5, login
>
>
>
> now I get:
>
> postfix/smtp[12774]: starting new SASL client
> postfix/smtp[12774]: warning: unknown SASL security options value "cram-md5" in "cram-md5"
Yepp, that isn't an allowed option.
--
Sandy
List replies only please!
Please address PMs to: news-reply2 (@) japantest (.) homelinux (.) com
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
>> What is your version (postconf mail_version)?
>
> nimrodel:/etc/postfix # postconf mail_version
> mail_version = 2.3.2
>
> The one that comes with suse 10.2.
>
>>> But, first try, doesn't work. I created the "ehlo_discard_words" file
>>> using the isp name instead of the IP, but it is still using AUTH
>>> DIGEST-MD5.
>> Sorry, no joy, you have to use the ip address. :-((
>
> Good grief! My ISp can choose to change it's IP any time.
>
> Ffff... ok, I'll leave it as:
>
> 213.4.149.66 digest-md5
>
> (only line in the file)
>
> but it is ignored:
>
>
> : maps_find: smtpd_discard_ehlo_keyword_address_maps: hash:/etc/postfix/ehlo_discard_words(0,lock): 213.4.149.66 = digest-md5
> ...
> : smtp_sasl_authenticate: smtp.telefonica.net[213.4.149.66]: SASL mechanisms LOGIN LOGIN CRAM-MD5 DIGEST-MD5
> : > smtp.telefonica.net[213.4.149.66]: AUTH DIGEST-MD5
>
> That feature certainly doesn't work. It is detected, it matches, but
> doesn't work, insisting in using DIGEST-MD5. Yes, I have tried both lower
> and upper case.
>
>
> Per G.T.Smith sugestion, I tried:
>
> smtp_sasl_security_options = cram-md5
> smtp_sasl_tls_security_options = $smtp_sasl_security_options
No, you should only set
smtp_sasl_security_option = noanonymous
If possible, you could add "noplaintext"
This would demand, that only digest-md5 or cram-md5 will be used.
In the meantime, I had a closer look at the conversation. digest-md5 is
not a keyword in the capabilities, so we can't use it to discard that option.
Please try:
smtp_sasl_mechanism_filter = cram-md5, login
>
>
>
> now I get:
>
> postfix/smtp[12774]: starting new SASL client
> postfix/smtp[12774]: warning: unknown SASL security options value "cram-md5" in "cram-md5"
Yepp, that isn't an allowed option.
--
Sandy
List replies only please!
Please address PMs to: news-reply2 (@) japantest (.) homelinux (.) com
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
| < Previous | Next > |