On 03/07/18 17:35, Edgar Pettijohn wrote:
>
>
> On 03/07/18 16:25, flipchan wrote:
>> Okey i installed opensmtpd-extra and tried a cleaner smtpd.conf file:
>> dpaste.com/255DGXH.txt
>>
>> Same authentication failed when i try in mutt
>>
>> On March 7, 2018 9:25:18 PM UTC, edgar@pettijohn-web.com wrote:
>>
>> You have to install opensmtpd-extras package to use the passwd
>> table.
>> On Mar 7, 2018 3:21 PM, flipchan <flipchan@riseup.net> wrote:
>>
>> Yeah, they are encrypted using smtpctl and the syntax with
>> space doesnt work and in other ppls configurations they have
>> passwd instead of file but its not supported anymore it seems
>> like On March 7, 2018 3:19:18 PM UTC, trondd
>> <trondd@kagu-tsuchi.com> wrote:
>>
>> On Wed, March 7, 2018 10:06 am, flipchan wrote:
>>
>> smtpctl encrypt mypassword Then syntax user:password ?
>> On March 6, 2018 9:46:26 PM UTC, trondd
>> <trondd@kagu-tsuchi.com>
>> wrote:
>>
>> On Tue, March 6, 2018 1:48 pm, flipchan wrote:
>>
>> Hello, im trying to create a mail server and i
>> keep getting opensmtpd authentication fail i
>> tried using neomutt and regular mutt, but no
>> success tail -f /var/log/maillog Mar 6
>> 18:15:37 mail dovecot: imap-login: Login:
>> user=<user@mysite.com>,
>>
>> method=PLAIN, rip=homeip, lip=server,
>> mpid=54071, TLS, session=<GUjwbcJm/VRe/m7Z>
>> Mar 6 18:15:48 mail dovecot: imap-login: Login:
>> user=<user@mysite.com>,
>>
>> method=PLAIN, rip=homeip, lip=server,
>> mpid=11081, TLS, session=<LwGSbsJm7oRe/m7Z>
>> Mar 6 18:15:55 mail smtpd[77144]:
>> 7b289a2a8f3efe40 smtp
>> event=connected
>>
>> address=homeip host=homeip Mar 6 18:15:55
>> mail smtpd[77144]: 7b289a2a8f3efe40 smtp
>> event=starttls
>>
>> address=homeip host=homeip
>> ciphers="version=TLSv1.2,
>> cipher=ECDHE-RSA-AES256-GCM-SHA384, bits=256"
>> Mar 6 18:15:55 mail smtpd[77144]:
>> 7b289a2a8f3efe40 smtp event=authentication
>> user=user address=homeip host=homeip
>> result=permfail
>>
>> Mar 6 18:15:56 mail smtpd[77144]:
>> 7b289a2a8f3efe40 smtp event=failed-command
>> address=homeip host=homeip command="AUTH PLAIN
>> (...)"
>>
>> result="535 Authentication failed" Mar 6
>> 18:15:57 mail smtpd[77144]: 7b289a2a8f3efe40
>> smtp
>> event=closed
>>
>> address=homeip host=homeip reason=disconnect
>> dovecot works so i can get imap but opensmtpd
>> does work im using openbsd6.2 # cat
>> /etc/mail/smtpd.conf pki mail.mysite.com
>> certificate "/etc/ssl/mail.mysite.com.crt" pki
>> mail.mysite.com key
>> "/etc/ssl/private/mail.mysite.com.key" #
>> tables setup table aliases
>> file:/etc/mail/aliases table domains
>> file:/etc/mail/domains table passwd
>> file:/etc/mail/passwd table virtuals
>> file:/etc/mail/virtuals # listen ports setup
>> #listen on lo0 listen on vio0 port 25
>> tls-require pki mail.mysite.com #listen on
>> vio0 port 587 tls-require pki mail.mysite.com
>> auth
>> <passwd>
>>
>> listen on vio0 port 587 smtps pki
>> mail.mysite.com auth <passwd> # special case
>> for gmail to avoid ipv6 here #limit mta for
>> domain gmail.com inet4 # allow local messages
>> accept from local for local alias <aliases>
>> deliver to lmtp "/var/dovecot/lmtp" rcpt-to #
>> allow virtual domains accept from any for
>> domain <domains> virtual <virtuals> deliver to
>> lmtp
>>
>> "/var/dovecot/lmtp" rcpt-to # allow outgoing
>> mails accept from local for any relay #reject
>> from ! source <other-relays> sender
>> "@mysite.com" for any both dovecot and smtpd
>> reads passwd's from /etc/mail/passwd and
>> only
>>
>> dovecot works, think its some kind of smtpd
>> config that is wrong...
>>
>> Is the password encrypted properly? In a
>> listener context, the credentials are a mapping of
>> username
>> and
>>
>> encrypted passwords: user1
>> $2b$10$hIJ4QfMcp.90nJwKqGbKM.MybArjHOTpEtoTV.DgLYAiThuoYmTSe
>> user2
>> $2b$10$bwSmUOBGcZGamIfRuXGTvuTo3VLbPG9k5yeKNMBtULBhksV5KdGsK
>> The passwords are to be encrypted using the
>> smtpctl(8) encrypt subcommand.
>> -- Take Care Sincerely flipchan layerprox dev
>>
>> This comes from the table(5) man page. The file will be:
>> username encryptedpassword
>> -- Take Care Sincerely flipchan layerprox dev
>>
>>
>> --
>> Take Care Sincerely flipchan layerprox dev
>
Sorry apparently my '/n's disappeared :(
> Remove mutt from the equation:
>
> perl -MMIME::Base64 -e 'print
> encode_base64("*\000*user\@domain.com*\000*plaintextpassword")'
> save output from above for later
>
> openssl s_client -starttls smtp -crlf -connect 1.2.3.4:587
> I'm not an openssl expert I use the above when testing. Your mileage
> may vary.
> lots of output....
> CONNECTED(SOMENUMBERS)
> >>>user input
> <<<server response
> >>>ehlo itsme.org
> <<<250-mail.pettijohn-web.com Hello itsme.org [50.59.65.45], pleased
> to meet you
> <<<250-8BITMIME
> <<<250-ENHANCEDSTATUSCODES
> <<<250-SIZE 36700160
> <<<250-DSN
> <<<250-AUTH PLAIN LOGIN
> <<<250 HELP
> >>>auth plain
> <<<334
> >>>AGVkZ2FyQHBl789am9obi13ZWIuY29tADY3Q29ydmFpciE= (from the above
> perl command)
> <<<235 2.0.0: Authentication succeeded
> >>>mail from:<edgar@pettijohn-web.com>
> <<<250 2.0.0: Ok
> >>>rcpt to:<edgar@pettijohn-web.com>
> <<<250 2.1.5 Destination address valid: Recipient ok
> >>>data
> <<<354 Enter mail, end with "." on a line by itself
> >>>To: Edgar
> >>>From: Edgar
> >>>Subject: cli auth
> >>>it works
> >>>.
> <<<250 2.0.0: 65a74964 Message accepted for delivery
>
>
>
Damn thunderbird. My apologies to all who endure reading the above.
No comments:
Post a Comment