Question

Postfix incoming email get 521 client not authenticated

Hello guys, after fllowing your tutorials, my ubuntu can actually send email with s-nail and it’s working fine. I’ve setup and posconf’d a letsencrypt wildcart cert.

cat t.txt | s-nail -s 'super object' -r'contact@happy.property' myemail@gmail.com

When i try to reply to this email from gmail, i get the following error: remote server: 530 5.7.1 Client was not authenticated

I can only guess it’s SSL-related, i’m not even sure. Googling this mostly refer to Exchange server with a checkbox to allow anonymous user. I cant find that config option on postfix.

Do you have any clue ?

Below my main.cnf

happyproperty@www:~$ cat /etc/postfix/main.cf
myhostname = mail.happy.property
myorigin = /etc/mailname
mydestination = mail.happy.property, domain.com, localhost, localhost.localdomain
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases

smtpd_tls_cert_file = /etc/letsencrypt/live/happy.property/fullchain.pem
smtpd_tls_key_file = /etc/letsencrypt/live/happy.property/privkey.pem
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_tls_security_level=may
smtpd_tls_protocols = !SSLv2, !SSLv3
smtpd_recipient_restrictions = reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination

local_recipient_maps = proxy:unix:passwd.byname $alias_maps
smtp_tls_security_level = may
smtp_tls_note_starttls_offer = yes
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
home_mailbox = Maildir/
smtpd_sasl_auth_enable = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/dovecot-auth
smtpd_sasl_authenticated_header = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
broken_sasl_auth_clients = yes
smtpd_sender_restrictions = reject_unknown_sender_domain
mailbox_command = /usr/lib/dovecot/deliver -c /etc/dovecot/dovecot.conf -m "${EXTENSION}"
smtp_use_tls = yes
smtpd_tls_auth_only = yes
tls_random_source = dev:/dev/urandom

And the dovecot.conf

happyproperty@www:~$ sudo ls -l /etc/dovecot/dovecot.conf
-rw-r--r-- 1 root root 660 Aug 11 21:47 /etc/dovecot/dovecot.conf
happyproperty@www:~$ sudo cat /etc/dovecot/dovecot.conf
disable_plaintext_auth = no
mail_privileged_group = mail
mail_location = mbox:~/mail:INBOX=/var/mail/%u
auth_verbose = yes

mail_debug = yes

userdb {
  driver = passwd
}
passdb {
  args = %s
  driver = pam
}
protocols = " imap"

protocol imap {
  mail_plugins = " autocreate"
}
plugin {
  autocreate = Trash
  autocreate2 = Sent
  autosubscribe = Trash
  autosubscribe2 = Sent
}

service auth {
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0660
    user = postfix
  }
}

ssl=required
ssl_cert = </etc/letsencrypt/live/happy.property/fullchain.pem
ssl_key = </etc/letsencrypt/live/happy.property/privkey.pem

listen = *, ::

cerbotpaths:

  Certificate Name: happy.property
    Domains: *.happy.property
    Expiry Date: 2019-11-09 12:37:12+00:00 (VALID: 89 days)
    Certificate Path: /etc/letsencrypt/live/happy.property/fullchain.pem
    Private Key Path: /etc/letsencrypt/live/happy.property/privkey.pem


Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

Have you authenticated with the postfix server?