postfix headaches - send mails between different droplets, same hostname.

Posted September 17, 2015 3.6k views

Hi, i’ve a problem with postfix sending mail between virtual domains in droplets.
I’ve 2 droplets with several domains in each droplet with virtualmin: ->
-> ->

when i try to send mails between my domains there’s a problem… perhaps postfix try to send locally?¿:
Sending from domainA1 to domainB1:
SASL authentication failed; server <> said: 535 5.7.8 Error: authentication failed: authentication failure

If I send to any external domain (gmail, hotmail, …) no problem.


These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Submit an Answer
1 answer

First of all we can’t help you out easily when you don’t provide any information about your server. Once you ask a question, we need to know where we are dealing with to help you out. So what kind of server are you running, what configurations are you using? Atleast post the Did you check your logs for any more information?

  • Hi!, sorry, the server is ubuntu, the default config. of virtualmin. is:

    See /usr/share/postfix/ for a commented, more complete version

    Debian specific: Specifying a file name will cause the first

    line of that file to be used as the name. The Debian default

    is /etc/mailname.

    myorigin = /etc/mailname

    smtpdbanner = $myhostname ESMTP $mailname (Ubuntu)
    biff = no

    appending .domain is the MUA’s job.

    appenddotmydomain = no

    Uncomment the next line to generate “delayed mail” warnings

    delaywarningtime = 4h

    readme_directory = no

    TLS parameters

    smtpdtlssessioncachedatabase = btree:${datadirectory}/smtpdscache
    smtptlssessioncachedatabase = btree:${datadirectory}/smtpscache

    See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for

    information on enabling SSL in the smtp client.

    myhostname = xxxx
    aliasmaps = hash:/etc/aliases
    database = hash:/etc/aliases
    myorigin = /etc/mailname
    mydestination =
    mynetworks = [::ffff:]/104 [::1]/128
    mailboxcommand = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
    sizelimit = 0
    delimiter = +
    virtualaliasmaps = hash:/etc/postfix/virtual
    senderbccmaps = hash:/etc/postfix/bcc
    homemailbox = Maildir/
    saslauthenable = yes
    smtpdsaslsecurityoptions = noanonymous
    saslauthclients = yes
    smtpdrecipientrestrictions = permitmynetworks permitsaslauthenticated rejectunauthdestination checkpolicyservice inet:
    percenthack = no
    defaultaction = accept
    protocol = 2
    smtpdmilters = inet:localhost:8891
    smtpdmilters = inet:localhost:8891
    queuelifetime = 2d
    maps = hash:/etc/postfix/transport
    smtpsaslauthenable = yes
    saslpasswordmaps = static:user:pass
    smtpsaslsecurity_options = noanonymous

    And the logs:
    When i send a mail to any external domain: (gmail, hotmail) OK:
    Sep 9 20:58:49 prod postfix/smtp[22713]: 83F7B807A8:, orig_to=<yyyyy>,[]:25, delay=13, delays=12/0.01/0.67/0.62, dsn=2.0.0, status=sent (250 2.0.0 OK 1441825128 n6si2883743wjq.53 - gsmtp)

    But if i send a mail to a domain of dropletb… ¿it looks like tries to login to the server?
    Sep 17 11:41:15 prod postfix/smtp[20550]: E5D908087C: to=xxxx@domaindropletb,[x.x.x.x]:25, delay=2.1, delays=0.05/0.02/2.1/0, dsn=4.7.8, status=deferred (SASL authentication failed; server[x.x.x.x]: said: 535 5.7.8 Error: authentication failed: authentication failure)
    probably is because my droplet’s name share the same domain?
    droplet1: hostname (
    droplet2:hostname (


    • What do you have inside your SASL smtpd.conf ?
      Please post it in a code block. Its easier to read then

      • just:

        pwcheck_method: saslauthd
        mech_list: plain login
        • in both droplets (, the problem is.... why is trying authenticate in mail server of dropletb? I’ve a problem with smtpd concepts… if send to gmail, hotmail no problem, send to domain of dropletb tries authenticate? How can I say that mails send to a certain domain must not be treated as local/trying to authenticate?