Support for PLAIN authentication

Open agateau opened this issue 8 years ago • 22 comments

I would like to switch my servers from ssmtp to dma, but my email provider (fastmail) only supports plain authentication (see https://www.fastmail.com/help/technical/servernamesandports.html?u=85f84118).

Do you plan to add support for plain authentication?

agateau avatar Nov 19 '16 14:11 agateau

fastmail also supports LOGIN:

220 smtp.fastmail.com ESMTP ready
EHLO test
250-smtp.fastmail.com
250-PIPELINING
250-SIZE 71000000
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-AUTH PLAIN LOGIN
250 AUTH=PLAIN LOGIN

Could you try dma and check whether it is working?

corecode avatar Nov 19 '16 17:11 corecode

Strange, I did try it before filing the issue and could not get it to work. It kept telling me "Authentication required". This is what I have in mail.log:

Nov 19 11:45:52 sd-100498 dma[c058f.253d6a0]: SSL initialization successful     
Nov 19 11:45:52 sd-100498 dma[c058f.253d6a0]: remote delivery to smtp.fastmail.com [66.111.4.140] failed after MAIL FROM: 530 5.7.1 Authentication required
Nov 19 11:45:52 sd-100498 dma[c058f.253d6a0]: delivery failed, bouncing as c07be

agateau avatar Nov 19 '16 17:11 agateau

(I am using dma 0.9 from Debian Jessie)

agateau avatar Nov 19 '16 17:11 agateau

did you set up authentication for that server?

corecode avatar Nov 19 '16 18:11 corecode

Yes, I created a /etc/dma/auth.conf with my user, remote and password.

agateau avatar Nov 20 '16 15:11 agateau

did you enable authentication by setting the path to auth.conf in dma.conf?

corecode avatar Nov 20 '16 15:11 corecode

Oh, the line was commented out so I assumed it was the default settings. That is a bit confusing.

Anyway, I uncommented it and the log output is different now:

Nov 20 16:54:58 sd-100498 dma[c0587.15916a0]: trying delivery
Nov 20 16:54:58 sd-100498 dma[c0587.15916a0]: using smarthost (smtp.fastmail.com:465)
Nov 20 16:54:58 sd-100498 dma[c0587.15916a0]: trying remote delivery to smtp.fastmail.com [66.111.4.139] pref 0
Nov 20 16:54:58 sd-100498 dma[c0587.15916a0]: SSL initialization successful
Nov 20 16:54:58 sd-100498 dma[c0587.15916a0]: using SMTP authentication for user [email protected]
Nov 20 16:54:58 sd-100498 dma[c0587.15916a0]: smarthost authentication: AUTH cram-md5 not available: 500 5.5.1 Invalid command
Nov 20 16:55:01 sd-100498 dma[c0587.15916a0]: remote delivery failed: Authentication failed: 535 5.7.0 Incorrect username or password.
Nov 20 16:55:01 sd-100498 dma[c0587.15916a0]: remote delivery failed: SMTP login failed: Success
Nov 20 16:55:01 sd-100498 dma[c0587.15916a0]: delivery failed, bouncing as c078d

I checked my credentials twice, they are correct.

agateau avatar Nov 20 '16 16:11 agateau

well it seems they are not.

corecode avatar Nov 20 '16 16:11 corecode

Is there a chance the server would advertise it supports AUTH LOGIN but would not really support it? The same credentials work fine in the webmail and in ssmtp.

agateau avatar Nov 20 '16 16:11 agateau

can you show the auth line (with the password XXed out)?

corecode avatar Nov 20 '16 16:11 corecode

Sure: [email protected]|smtp.fastmail.com:XXXXXXXXXX

agateau avatar Nov 20 '16 16:11 agateau

I tried opening an account with fastmail to debug this, but the SMS verification doesn't work. Sorry, I can't debug this.

corecode avatar Nov 20 '16 17:11 corecode

The revised auth code merged in #34 would likely be a good way to solve this finally. The code implementing the LOGIN method is a close fit for the PLAIN method, so it might be worth looking into.

kgaughan avatar Mar 21 '18 02:03 kgaughan

I've just set up a new server, and Postfix only advertises AUTH PLAIN after STARTTLS:

Here is the network log from claws mail:

* Account: '[email protected]': Connecting with SMTP server: mail.cweiske.de:587...
[12:27:24] SMTP< 220 mail.cweiske.de Kindergarten ES EM TE PE
[12:27:24] ESMTP> EHLO boo.home.cweiske.de
[12:27:24] ESMTP< 250-mail.cweiske.de
[12:27:24] ESMTP< 250-PIPELINING
[12:27:24] ESMTP< 250-SIZE 10240000
[12:27:24] ESMTP< 250-VRFY
[12:27:24] ESMTP< 250-ETRN
[12:27:24] ESMTP< 250-STARTTLS
[12:27:24] ESMTP< 250-ENHANCEDSTATUSCODES
[12:27:24] ESMTP< 250-8BITMIME
[12:27:24] ESMTP< 250-DSN
[12:27:25] ESMTP< 250 SMTPUTF8

[12:27:25] ESMTP> STARTTLS
[12:27:25] ESMTP< 220 2.0.0 Ready to start TLS
[12:27:25] ESMTP> EHLO boo.home.cweiske.de
[12:27:25] ESMTP< 250-mail.cweiske.de
[12:27:25] ESMTP< 250-PIPELINING
[12:27:25] ESMTP< 250-SIZE 10240000
[12:27:25] ESMTP< 250-VRFY
[12:27:25] ESMTP< 250-ETRN
[12:27:25] ESMTP< 250-AUTH PLAIN
[12:27:25] ESMTP< 250-ENHANCEDSTATUSCODES
[12:27:25] ESMTP< 250-8BITMIME
[12:27:25] ESMTP< 250-DSN
[12:27:25] ESMTP< 250 SMTPUTF8

[12:27:25] ESMTP> [AUTH PLAIN]
[12:27:25] ESMTP< 235 2.7.0 Authentication successful

DMA 0.11-1+b1 fails with this:

dma[hash]: smarthost authentication: AUTH cram-md5 not available: 535 5.7.8 Error: authentication failed: Invalid authentication mechanism
dma[hash]: remote delivery deferred: AUTH login not available: 535 5.7.8 Error: authentication failed: Invalid authentication mechanism
dma[hash]: SMTP login not available. Trying without.
dma[hash]: delivery successful

@corecode - if you'd like a test account on my server, drop me a mail.

cweiske avatar Dec 19 '18 20:12 cweiske
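
The negotiation problem in this thread, as an added example (not dma's code and not written by any poster here): it reads the AUTH mechanisms out of the EHLO replies quoted above, picks one while allowing PLAIN and LOGIN only under TLS, and builds the client lines for both. The function names, the preference tuples and the credentials are assumptions made for the illustration; the two-item preference mirrors the order visible in the dma log lines (cram-md5, then login).

```python
import base64

# EHLO replies trimmed from the transcripts quoted in this thread.
FASTMAIL_EHLO = "250-smtp.fastmail.com\r\n250-AUTH PLAIN LOGIN\r\n250 AUTH=PLAIN LOGIN\r\n"
POSTFIX_PRE_TLS = "250-mail.cweiske.de\r\n250-STARTTLS\r\n250 SMTPUTF8\r\n"
POSTFIX_POST_TLS = "250-mail.cweiske.de\r\n250-AUTH PLAIN\r\n250 SMTPUTF8\r\n"


def auth_mechanisms(ehlo):
    """Collect mechanisms from '250-AUTH A B' and legacy '250 AUTH=A B' lines."""
    mechs = set()
    for line in ehlo.splitlines():
        keyword = line[4:].upper()
        if line.startswith("250") and keyword[:5] in ("AUTH ", "AUTH="):
            mechs.update(keyword[5:].split())
    return mechs


def pick_mechanism(ehlo, tls_active, preference=("CRAM-MD5", "LOGIN", "PLAIN")):
    """First preferred mechanism the server offers; PLAIN/LOGIN only under TLS."""
    offered = auth_mechanisms(ehlo)
    for mech in preference:
        if mech in offered and (tls_active or mech == "CRAM-MD5"):
            return mech
    return None  # nothing usable: the caller has to decide what happens next


def b64(text):
    return base64.b64encode(text.encode()).decode()


def client_lines(mech, user, password):
    """Client side of the AUTH exchange (server 334 prompts omitted)."""
    if mech == "PLAIN":  # RFC 4616: authzid NUL authcid NUL passwd, in one message
        return ["AUTH PLAIN " + b64("\0" + user + "\0" + password)]
    if mech == "LOGIN":  # same secrets, sent as two separate base64 replies
        return ["AUTH LOGIN", b64(user), b64(password)]
    raise ValueError("not handled in this sketch: %s" % mech)


if __name__ == "__main__":
    # Placeholder credentials, constructed for the demo.
    for name, ehlo, tls in [("fastmail", FASTMAIL_EHLO, True),
                            ("postfix before STARTTLS", POSTFIX_PRE_TLS, False),
                            ("postfix after STARTTLS", POSTFIX_POST_TLS, True)]:
        mech = pick_mechanism(ehlo, tls)
        print(name, "->", mech)
        if mech in ("PLAIN", "LOGIN"):
            print("  ", client_lines(mech, "user@example.org", "XXXXXXXXXX"))
```

With `preference=("CRAM-MD5", "LOGIN")` the Postfix reply yields no mechanism at all, which is the state the dma log lines above record just before "Trying without."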

so it doesn't fail?

corecode avatar Dec 19 '18 20:12 corecode

Oh, that SMTP session was from claws mail, my normal client - so that I could demo what the EHLO response looks like. dma does fail.

cweiske avatar Dec 19 '18 20:12 cweiske

but it says "delivery successful"

corecode avatar Dec 19 '18 22:12 corecode

Yes, because at that time the server allowed connections without authentication (which is why it says "SMTP login not available. Trying without."). This is not the case anymore, because all connections on port 587 must be authenticated.

cweiske avatar Dec 20 '18 05:12 cweiske

could you please show the logs and ideally session transcript of the failing delivery?

corecode avatar Dec 20 '18 14:12 corecode

dma: trying delivery
dma: using smarthost (mail.cweiske.de:587)
dma: trying remote delivery to mail.cweiske.de [2a01:488:66:1000:53a9:2dde:0:1] pref 0
dma: SSL initialization successful
dma: using SMTP authentication for user [email protected]
dma: smarthost authentication: AUTH cram-md5 not available: 535 5.7.8 Error: authentication failed: Invalid authentication mechanism
dma: remote delivery deferred: AUTH login not available: 535 5.7.8 Error: authentication failed: Invalid authentication mechanism
dma: SMTP login not available. Trying without.
dma: remote delivery to mail.cweiske.de [2a01:488:66:1000:53a9:2dde:0:1] failed after RCPT TO: 554 5.7.1 <p200300D9EBC1D200D25099FFFE2CF8C8.dip0.t-ipconnect.de[2003:d9:ebc1:d200:d250:99ff:fe2c:f8c8]>: Client host rejected: Access denied
dma: can not bounce a bounce message, discarding

I have no idea how I should capture the session transcript, given that STARTTLS is used in between. Or is there a hidden DMA config option to log the session?

cweiske avatar Dec 20 '18 17:12 cweiske

thanks! I'm surprised that LOGIN is not supported, but I agree that PLAIN should be implemented as well.

corecode avatar Dec 20 '18 17:12 corecode

I'm having the same problem - I'm trying to use dma with Zoho.com (smtp.zoho.com, using SSL on port 465), but it fails with:

smarthost authentication: AUTH cram-md5 not available: 501 Could not do Unknown Authentication

tmo1 avatar Jan 01 '19 03:01 tmo1