Postifx as SMTP AUTH client

Alexander Dalloz ad+lists at uni-x.org
Mon Apr 10 18:27:20 UTC 2006 

Am Mo, den 10.04.2006 schrieb J. K. Cliburn um 19:59:

> I'm pretty new to configuring mail servers, and I'm running into
> issues trying to get outbound mail to work.  I've configured Postfix
> to (I think) request smtp auth at my ISP's mail server in an attempt
> to get him to relay my mail, but I'm not sure the authentication
> attempt is happening.
> 
> A few background items...
> 1) PPPoE DSL connection, dynamic IP.
> 2) DynDNS/ddclient correctly working to keep domain name and IP
> address in sync.
> 3) Postfix on home LAN server correctly configured to send and receive
> internal mail.
> 
> I send a message from root at hogchain.net to jcliburn at gmail.com...  The
> ISP's mail server unceremoniously bounces it thusly.
> 
> Apr 10 12:17:34 osprey postfix/pickup[4586]: B48F46CE549: uid=0 from=<root>
> Apr 10 12:17:34 osprey postfix/cleanup[4622]: B48F46CE549:
> message-id=<20060410171734.B48F46CE549 at osprey.hogchain.net>
> Apr 10 12:17:34 osprey postfix/qmgr[4587]: B48F46CE549:
> from=<root at hogchain.net>, size=313, nrcpt=1 (queue active)
> Apr 10 12:17:40 osprey postfix/smtp[4624]: B48F46CE549:
> to=<jcliburn at gmail.com>, relay=mx00.mail.bellsouth.net[205.152.58.32],
> delay=6, status=bounced (host mx00.mail.bellsouth.net[205.152.58.32]
> said: 550 relaying mail to gmail.com is not allowed (in reply to RCPT
> TO command))
> Apr 10 12:17:40 osprey postfix/cleanup[4622]: 5E98B6CE563:
> message-id=<20060410171740.5E98B6CE563 at osprey.hogchain.net>
> Apr 10 12:17:40 osprey postfix/qmgr[4587]: B48F46CE549: removed
> Apr 10 12:17:40 osprey postfix/qmgr[4587]: 5E98B6CE563: from=<>,
> size=2187, nrcpt=1 (queue active)
> Apr 10 12:17:40 osprey postfix/smtp[4624]: 5E98B6CE563:
> to=<root at hogchain.net>, relay=mx01.mail.bellsouth.net[205.152.58.33],
> delay=0, status=bounced (host mx01.mail.bellsouth.net[205.152.58.33]
> said: 550 relaying mail to hogchain.net is not allowed (in reply to
> RCPT TO command))
> Apr 10 12:17:40 osprey postfix/qmgr[4587]: 5E98B6CE563: removed
> 
> I know the server is saying "relaying mail to [wherever] is not
> allowed," but does that mean not allowed at all, or not allowed
> without smtp authentication?

That can't be concluded from the rejection message. From below
information we can see that SMTP AUTH isn't offered by that host with IP
205.152.58.33. Testing 205.152.58.32 shows the same.

> So, hoping it's the latter, I setup smtp auth on my postfix, reasoning
> that if the ISP requires authentication whenever I fetch my personal
> email from him (using a client like thunderbird), then maybe he
> requires an authentication before he'll relay.  But it doesn't help. 
> I still get bounced.

SMTP is something very different to POP3 / IMAP. Though all protocols
typically share the same user backend on server side.

Did you already setup SMTP AUTH with Postfix? Anyway, it can only happen
if the server side offers and supports it. It may be helpful if you tell
us what you did setup ("postconf -n" output and the password map file
content).

> Interestingly, here's a telnet session with the ISP's mailserver:
> 
> [root at osprey ~]# telnet 205.152.58.33 25
> Trying 205.152.58.33...
> Connected to 205.152.58.33.
> Escape character is '^]'.
> 220 ibm30aec.bellsouth.net ESMTP server ready Mon, 10 Apr 2006 13:28:30 -0400
> EHLO bellsouth.net
> 250-ibm30aec.bellsouth.net
> 250-HELP
> 250-PIPELINING
> 250-DSN
> 250-8BITMIME
> 250 SIZE 26214400
> AUTH PLAIN <<<base64-encoded-username/password>>>
> 502 Command is locally disabled
> quit
> 221 ibm30aec.bellsouth.net ESMTP server closing connection
> Connection closed by foreign host.
> 
> What does the response "Command is locally disabled" mean?  I'm
> confused by it, because the ISP requires that I authenticate when I
> check my personal mail.  How could the AUTH command be disabled at his
> end in this case?

The server requested simply does not offer any AUTH. That must be no
fault nor violates that any standard.

> I'm missing something really fundamental.  Any hints or pointers appreciated.

Typically ISPs offer specific mail relay hosts for their customers.
Searching google that should be mail.bellsouth.net for your provider.
Though querying that host it does not offer me AUTH. Maybe that
information from the net is outdated and you should call their support
for the requested information. But the chances are good that another
list reader has the information for you.

> Jay

Alexander


-- 
Alexander Dalloz | Enger, Germany | GPG http://pgp.mit.edu 0xB366A773
legal statement: http://www.uni-x.org/legal.html
Fedora Core 2 GNU/Linux on Athlon with kernel 2.6.11-1.35_FC2smp 
Serendipity 20:15:30 up 27 days, 21:03, load average: 0.40, 0.30, 0.21 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20060410/6f7d378c/attachment-0001.sig>

More information about the fedora-list mailing list