Question

Postfix incoming email get 521 client not authenticated

Posted August 12, 2019 347 views
Email Ubuntu 18.04

Hello guys, after fllowing your tutorials, my ubuntu can actually send email with s-nail and it’s working fine.
I’ve setup and posconf’d a letsencrypt wildcart cert.

cat t.txt | s-nail -s 'super object' -r'contact@happy.property' myemail@gmail.com

When i try to reply to this email from gmail, i get the following error:
remote server: 530 5.7.1 Client was not authenticated

I can only guess it’s SSL-related, i’m not even sure. Googling this mostly refer to Exchange server with a checkbox to allow anonymous user. I cant find that config option on postfix.

Do you have any clue ?

Below my main.cnf

happyproperty@www:~$ cat /etc/postfix/main.cf
myhostname = mail.happy.property
myorigin = /etc/mailname
mydestination = mail.happy.property, domain.com, localhost, localhost.localdomain
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases

smtpd_tls_cert_file = /etc/letsencrypt/live/happy.property/fullchain.pem
smtpd_tls_key_file = /etc/letsencrypt/live/happy.property/privkey.pem
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_tls_security_level=may
smtpd_tls_protocols = !SSLv2, !SSLv3
smtpd_recipient_restrictions = reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination

local_recipient_maps = proxy:unix:passwd.byname $alias_maps
smtp_tls_security_level = may
smtp_tls_note_starttls_offer = yes
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
home_mailbox = Maildir/
smtpd_sasl_auth_enable = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/dovecot-auth
smtpd_sasl_authenticated_header = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
broken_sasl_auth_clients = yes
smtpd_sender_restrictions = reject_unknown_sender_domain
mailbox_command = /usr/lib/dovecot/deliver -c /etc/dovecot/dovecot.conf -m "${EXTENSION}"
smtp_use_tls = yes
smtpd_tls_auth_only = yes
tls_random_source = dev:/dev/urandom

And the dovecot.conf

happyproperty@www:~$ sudo ls -l /etc/dovecot/dovecot.conf
-rw-r--r-- 1 root root 660 Aug 11 21:47 /etc/dovecot/dovecot.conf
happyproperty@www:~$ sudo cat /etc/dovecot/dovecot.conf
disable_plaintext_auth = no
mail_privileged_group = mail
mail_location = mbox:~/mail:INBOX=/var/mail/%u
auth_verbose = yes

mail_debug = yes

userdb {
  driver = passwd
}
passdb {
  args = %s
  driver = pam
}
protocols = " imap"

protocol imap {
  mail_plugins = " autocreate"
}
plugin {
  autocreate = Trash
  autocreate2 = Sent
  autosubscribe = Trash
  autosubscribe2 = Sent
}

service auth {
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0660
    user = postfix
  }
}

ssl=required
ssl_cert = </etc/letsencrypt/live/happy.property/fullchain.pem
ssl_key = </etc/letsencrypt/live/happy.property/privkey.pem

listen = *, ::

cerbotpaths:

  Certificate Name: happy.property
    Domains: *.happy.property
    Expiry Date: 2019-11-09 12:37:12+00:00 (VALID: 89 days)
    Certificate Path: /etc/letsencrypt/live/happy.property/fullchain.pem
    Private Key Path: /etc/letsencrypt/live/happy.property/privkey.pem

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

1 answer

Have you authenticated with the postfix server?

  • hum, what do you mean? The goal is to be able to receive email from any customer. I cant ask them to authenticate. But i’m not sure i understood what your meant.

Submit an Answer