get zimbra postfix server to relay through another postfix host

[bluethundr]

I am trying to get one postfix server (a zimbra server) to authenticate through sasl to another postfix server (production mail) so it can be used as a relay host.

But I notice that the authentication method in /etc/postfix/sasl/smtpd.conf on the other machine is auxprop because that machine uses mysql as a back end.

How do I get the first postfix server (zimbra) to authenticate against the second postfix server so that the second postfix server (production mail) can be used as a relay host?

When I try to send mail using the postfix setup on the zimbra server I get:

: SASL authentication failed; server
mail.beta.beezag.com[192.168.1.10] said: 535 5.7.8 Error: authentication
failed: authentication failure

[phoenix]

Search the wiki for 'authenticate'.

[bluethundr]

this is what I used

Outgoing SMTP Authentication - Zimbra :: Wiki

This is when my zimbra server stopped sending. I can send from the zimbra server if I have to, but I need to figure out how to send from the remote postfix server on my network and store mail there due especially to the larger storage capacities on that mail server.


thanks

[bluethundr]

this is from the logs:

Code:

Aug 21 11:51:22 zimbra postfix/smtp[29971]: warning: database /opt/zimbra/conf/relay_password.db is older than source file /opt/zimbra/conf/relay_password
Aug 21 11:51:22 zimbra postfix/smtp[29971]: 27C803037F39: to=, relay=mail.beta.beezag.com[192.168.1.10]:25, delay=0.11, delays=0.02/0.03/0.05/0, dsn=5.7.8, status=bounced (SASL authentication failed; server mail.beta.beezag.com[192.168.1.10] said: 535 5.7.8 Error: authentication failed: authentication failure)

[bluethundr]

this is my /etc/postfix/sasl/smtpd.conf

Code:

pwcheck_method: auxprop
#mech_list: plain login
#allow_plaintext: true
auxprop_plugin: sql
sql_hostnames: db
sql_user: mail_admin
sql_passwd: thePass
sql_database: maildb
sql_select: select password from users where email = '%u'

So I am trying to figure this out. Is it looking for a user in my mysql database?

[bluethundr]

And I am getting these errors in the logs of my main postfix server.

Code:

Aug 21 12:52:20 mail postfix/smtpd[10623]: SSL_accept:before/accept initialization
Aug 21 12:52:41 mail postfix/smtpd[10623]: SSL_accept:error in SSLv2/v3 read client hello A
Aug 21 12:52:41 mail postfix/smtpd[10623]: SSL_accept error from mail.alpha.beezag.com[192.168.1.10]: -1
Aug 21 12:52:41 mail postfix/smtpd[10623]: warning: TLS library problem: 10623:error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol:s23_srvr.c:562:

[bluethundr]

This was the result of a telnet test I tried to troubleshoot authentication:

Code:

mail:~# telnet mail 25
Trying 192.168.1.10...
Connected to mail.alpha.beezag.com.
Escape character is '^]'.
220 mail.beta.beezag.com ESMTP Postfix (Debian/GNU) Beezag USA LLC
EHLO web1
250-mail.beta.beezag.com
250-PIPELINING
250-SIZE 10240000
250-ETRN
250-STARTTLS
250-AUTH CRAM-MD5 NTLM LOGIN PLAIN DIGEST-MD5
250-AUTH=CRAM-MD5 NTLM LOGIN PLAIN DIGEST-MD5
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
AUTH PLAIN dn0tr34ld1g3st=
535 5.7.8 Error: authentication failed: authentication failure

this was a user that I entered into the MySQL mail database.

[phoenix]

Quote:

Originally Posted by bluethundr

this was a user that I entered into the MySQL mail database.

Can that user login via any other client?

[bluethundr]

hmm.. seems not


I tried Apple Mail and telnetting to 110 and 143

Code:

backup:~# telnet mail 143

Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE ACL ACL2=UNION STARTTLS] Courier-IMAP ready. Copyright 1998-2008 Double Precision, Inc.  See COPYING for distribution information.
login timd@beta.beezag.com myr34lp455
login NO Error in IMAP command received by server.

Code:

backup:~# telnet mail.beta.beezag.com 110
Trying 192.168.1.10...
Connected to mail.beta.beezag.com.
Escape character is '^]'.
+OK Hello there.
USER timd@beta.beezag.com
+OK Password required.
PASS myr34lp455
-ERR Temporary problem, please try again later
Connection closed by foreign host.

[bluethundr]

here are my most important tables in MySQL:

this is users:

Code:

--------+---------------+---------------+-------+------------+----------------+
| timd@timdady.com           | timd     | 5000 | 5000 | /var/spool/mail/virtual | timd/     |       1 |               1 | rand0mp455| rand0mp455|       |            |                | 
| melissas@timdady.com       | melissas | 5000 | 5000 | /var/spool/mail/virtual | melissas/ |       1 |               1 | rand0mp455| rand0mp455|       |            |                | 
| stevens@timdaddy.com       | stevens  | 5000 | 5000 | /var/spool/mail/virtual | stevens/  |       1 |               1 | rand0mp455 | rand0mp455 |       |            |                | 
| root@localhost             | root     | 5000 | 5000 | /var/spool/mail/virtual | root/     |       1 |               1 | rand0mp455    | rand0mp455 |       |            |                | 
| timd@beta.beezag.com       | timd     | 5000 | 5000 | /var/spool/mail/virtual | timd/     |       1 |               1 | rand0mp455 | rand0mp455 |       |            |                | 
| bluethundr@beta.beezag.com | timd     | 5000 | 5000 | /var/spool/mail/virtual | timd/     |       1 |               1 | rand0mp455| rand0mp455|       |            |                | 
| bluethundr@timdaddy.com    | timd     | 5000 | 5000 | /var/spool/mail/virtual | timd/     |       1 |               1 | rand0mp455| rand0mp455 |       |            |                | 
+----------------------------+----------+------+------+-------------------------+-----------+---------+-----------------+---------------+---------------+-------+------------+----------------+

This is domains

Code:

mysql> SELECT * FROM domains;
+------+-----------------------+-----------+---------+
| pkid | domain                | transport | enabled |
+------+-----------------------+-----------+---------+
|    1 | timdaddy.com          | virtual:  |       1 | 
|    2 | alpha.beezag.com      | virtual:  |       1 | 
|    3 | localhost             | virtual:  |       1 | 
|    4 | localhost.localdomain | virtual:  |       1 | 
|    5 | mail                  | virtual:  |       1 | 
|    7 | beta.beezag.com       | virtual:  |       1 | 
+------+-----------------------+-----------+---------+
6 rows in set (0.00 sec)

This is aliases:

Code:

mysql> SELECT * FROM aliases;
+------+-----------------------------+----------------------+---------+
| pkid | mail                        | destination          | enabled |
+------+-----------------------------+----------------------+---------+
|    1 | timd@timdaddy.com           | timd@timdaddy.com    |       1 | 
|    2 | @alpha.beezag.com           | timd@timdaddy.com    |       1 | 
|    3 | postmaster@alpha.beezag.com | postmaster@localhost |       1 | 
|    4 | abuse@alpha.beezag.com      | abuse@localhost      |       1 | 
|    5 | postmaster@timdaddy.com     | postmaster@localhost |       1 | 
|    6 | abuse@timdaddy.com          | abuse@localhost      |       1 | 
|    7 | timd@beta.beezag.com        | timd@beta.beezag.com |       1 | 
+------+-----------------------------+----------------------+---------+
7 rows in set (0.00 sec)