Menu
jpbarroso
By:
jpbarroso

postfix headaches - send mails between different droplets, same hostname.

September 17, 2015 1.3k views
Email Ubuntu

Hi, i've a problem with postfix sending mail between virtual domains in droplets.
I've 2 droplets with several domains in each droplet with virtualmin:
dropletA.domain.com -> domainA1.com
-> domainA2.com

dropletB.domain.com -> domainB1.com
-> domainB2.com

when i try to send mails between my domains there's a problem... perhaps postfix try to send locally?¿:
Sending from domainA1 to domainB1:
SASL authentication failed; server <dropletB.domain.com> said: 535 5.7.8 Error: authentication failed: authentication failure

If I send to any external domain (gmail, hotmail, ...) no problem.

Thanks!

Log In to Comment
1 Answer
CrypticDesigns September 17, 2015

Hello,
First of all we can't help you out easily when you don't provide any information about your server. Once you ask a question, we need to know where we are dealing with to help you out. So what kind of server are you running, what configurations are you using? Atleast post the main.cf. Did you check your logs for any more information?

Reply
  • jpbarroso September 18, 2015

    Hi!, sorry, the server is ubuntu, the default config. of virtualmin.
    main.cf is:

    See /usr/share/postfix/main.cf.dist for a commented, more complete version Debian specific: Specifying a file name will cause the first line of that file to be used as the name. The Debian default is /etc/mailname. myorigin = /etc/mailname

    smtpdbanner = $myhostname ESMTP $mailname (Ubuntu)
    biff = no

    appending .domain is the MUA's job.

    appenddotmydomain = no

    Uncomment the next line to generate "delayed mail" warnings delaywarningtime = 4h

    readme_directory = no

    TLS parameters

    smtpdtlscertfile=/etc/ssl/certs/ssl-cert-snakeoil.pem
    smtpd    tlskeyfile=/etc/ssl/private/ssl-cert-snakeoil.key
    smtpdusetls=yes
    smtpdtlssessioncachedatabase = btree:${datadirectory}/smtpdscache
    smtptlssessioncachedatabase = btree:${datadirectory}/smtpscache

    See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for information on enabling SSL in the smtp client.

    myhostname = xxxx
    aliasmaps = hash:/etc/aliases
    alias    database = hash:/etc/aliases
    myorigin = /etc/mailname
    mydestination =
    mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
    mailboxcommand = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
    mailbox    sizelimit = 0
    recipient    delimiter = +
    virtualaliasmaps = hash:/etc/postfix/virtual
    senderbccmaps = hash:/etc/postfix/bcc
    homemailbox = Maildir/
    smtpd    saslauthenable = yes
    smtpdsaslsecurityoptions = noanonymous
    broken    saslauthclients = yes
    smtpdrecipientrestrictions = permitmynetworks permitsaslauthenticated rejectunauthdestination checkpolicyservice inet:127.0.0.1:10023
    allow    percenthack = no
    milter    defaultaction = accept
    milter    protocol = 2
    smtpdmilters = inet:localhost:8891
    non    smtpdmilters = inet:localhost:8891
    maximal    queuelifetime = 2d
    transport    maps = hash:/etc/postfix/transport
    smtpsaslauthenable = yes
    smtp    saslpasswordmaps = static:user:pass
    smtpsaslsecurity_options = noanonymous

    And the logs:
    When i send a mail to any external domain: (gmail, hotmail) OK:
    Sep 9 20:58:49 prod postfix/smtp[22713]: 83F7B807A8: to=xxx@gmail.com, orig_to=<yyyyy>, relay=gmail-smtp-in.l.google.com[74.125.136.27]:25, delay=13, delays=12/0.01/0.67/0.62, dsn=2.0.0, status=sent (250 2.0.0 OK 1441825128 n6si2883743wjq.53 - gsmtp)

    But if i send a mail to a domain of dropletb... ¿it looks like tries to login to the server?
    Sep 17 11:41:15 prod postfix/smtp[20550]: E5D908087C: to=xxxx@domaindropletb, relay=dropletb.domain.com[x.x.x.x]:25, delay=2.1, delays=0.05/0.02/2.1/0, dsn=4.7.8, status=deferred (SASL authentication failed; server dropletb.domain.com[x.x.x.x]: said: 535 5.7.8 Error: authentication failed: authentication failure)
    probably is because my droplet's name share the same domain?
    droplet1: hostname (dropletA.domain.com)
    droplet2:hostname (dropletB.domain.com)

    thanks!

    • CrypticDesigns September 20, 2015

      What do you have inside your SASL smtpd.conf ?
      Please post it in a code block. Its easier to read then

      • jpbarroso September 20, 2015

        just:

        pwcheck_method: saslauthd
mech_list: plain login
        • jpbarroso September 20, 2015

          in both droplets (dropletA.domain.com, dropletB.domain.com) the problem is.... why is trying authenticate in mail server of dropletb? I've a problem with smtpd concepts... if send to gmail, hotmail no problem, send to domain of dropletb tries authenticate? How can I say that mails send to a certain domain must not be treated as local/trying to authenticate?

          thanksss!

Have another answer? Share your knowledge.

Related Questions