Postfix incoming email get 521 client not authenticated

August 12, 2019 122 views
Email Ubuntu 18.04

Hello guys, after fllowing your tutorials, my ubuntu can actually send email with s-nail and it’s working fine.
I’ve setup and posconf’d a letsencrypt wildcart cert.

cat t.txt | s-nail -s 'super object' -r'contact@happy.property' myemail@gmail.com

When i try to reply to this email from gmail, i get the following error:
remote server: 530 5.7.1 Client was not authenticated

I can only guess it’s SSL-related, i’m not even sure. Googling this mostly refer to Exchange server with a checkbox to allow anonymous user. I cant find that config option on postfix.

Do you have any clue ?

Below my main.cnf

happyproperty@www:~$ cat /etc/postfix/main.cf
myhostname = mail.happy.property
myorigin = /etc/mailname
mydestination = mail.happy.property, domain.com, localhost, localhost.localdomain
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases

smtpd_tls_cert_file = /etc/letsencrypt/live/happy.property/fullchain.pem
smtpd_tls_key_file = /etc/letsencrypt/live/happy.property/privkey.pem
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_tls_security_level=may
smtpd_tls_protocols = !SSLv2, !SSLv3
smtpd_recipient_restrictions = reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination

local_recipient_maps = proxy:unix:passwd.byname $alias_maps
smtp_tls_security_level = may
smtp_tls_note_starttls_offer = yes
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
home_mailbox = Maildir/
smtpd_sasl_auth_enable = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/dovecot-auth
smtpd_sasl_authenticated_header = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
broken_sasl_auth_clients = yes
smtpd_sender_restrictions = reject_unknown_sender_domain
mailbox_command = /usr/lib/dovecot/deliver -c /etc/dovecot/dovecot.conf -m "${EXTENSION}"
smtp_use_tls = yes
smtpd_tls_auth_only = yes
tls_random_source = dev:/dev/urandom

And the dovecot.conf

happyproperty@www:~$ sudo ls -l /etc/dovecot/dovecot.conf
-rw-r--r-- 1 root root 660 Aug 11 21:47 /etc/dovecot/dovecot.conf
happyproperty@www:~$ sudo cat /etc/dovecot/dovecot.conf
disable_plaintext_auth = no
mail_privileged_group = mail
mail_location = mbox:~/mail:INBOX=/var/mail/%u
auth_verbose = yes

mail_debug = yes

userdb {
  driver = passwd
}
passdb {
  args = %s
  driver = pam
}
protocols = " imap"

protocol imap {
  mail_plugins = " autocreate"
}
plugin {
  autocreate = Trash
  autocreate2 = Sent
  autosubscribe = Trash
  autosubscribe2 = Sent
}

service auth {
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0660
    user = postfix
  }
}

ssl=required
ssl_cert = </etc/letsencrypt/live/happy.property/fullchain.pem
ssl_key = </etc/letsencrypt/live/happy.property/privkey.pem

listen = *, ::

cerbotpaths:

  Certificate Name: happy.property
    Domains: *.happy.property
    Expiry Date: 2019-11-09 12:37:12+00:00 (VALID: 89 days)
    Certificate Path: /etc/letsencrypt/live/happy.property/fullchain.pem
    Private Key Path: /etc/letsencrypt/live/happy.property/privkey.pem

1 Answer

Have you authenticated with the postfix server?

  • hum, what do you mean? The goal is to be able to receive email from any customer. I cant ask them to authenticate. But i’m not sure i understood what your meant.

Have another answer? Share your knowledge.