Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
17.7 Legacy Series
»
Trouble with SMTP notifications
« previous
next »
Print
Pages: [
1
]
Author
Topic: Trouble with SMTP notifications (Read 5375 times)
dcol
Hero Member
Posts: 635
Karma: 51
Trouble with SMTP notifications
«
on:
November 14, 2017, 12:45:25 am »
Trying to setup notifications for the first time and I have an issue with authentication.
Two email servers cannot verify the user/password. I run these email servers and know how to set them up. Using an account that has ports 2525 (Non-SSL), and 465 (SSL) for relaying mail. Neither port can authenticate the user.
I use this user with many other email clients with no issues. Even tried other users. I can see the connection flow which terminates when the sender cannot authenticate.
Is there somewhere in OPNsense that I can check the settings internally? Seems like we may have an encrypted login or something weird going on. My systems do not support encrypted logons. Besides, no need to encrypt a logon anyway when using SSL.
Here is an example of the flow using STARTTLS.
2017-11-13 16:19:56,276 - [ 548590] C --> EHLO firewall.opnsense
2017-11-13 16:19:56,277 - [ 548590] S <-- 250-wsip-10-0-0-1.tc.ph.cox.net. Please to meet you
2017-11-13 16:19:56,277 - [ 548590] S <-- 250-AUTH LOGIN
2017-11-13 16:19:56,277 - [ 548590] S <-- 250-AUTH=LOGIN
2017-11-13 16:19:56,277 - [ 548590] S <-- 250-STARTTLS
2017-11-13 16:19:56,277 - [ 548590] S <-- 250 OK
2017-11-13 16:19:56,313 - [ 548590] C --> STARTTLS
2017-11-13 16:19:56,313 - [ 548590] S <-- 220 Go ahead
2017-11-13 16:19:56,434 - [ 548590] C --> EHLO firewall.opnsense
2017-11-13 16:19:56,434 - [ 548590] S <-- 250-wsip-10-1-1-0.tc.ph.cox.net. Please to meet you
2017-11-13 16:19:56,434 - [ 548590] S <-- 250-AUTH LOGIN
2017-11-13 16:19:56,435 - [ 548590] S <-- 250-AUTH=LOGIN
2017-11-13 16:19:56,435 - [ 548590] S <-- 250 OK
2017-11-13 16:19:56,466 - [ 548590] C --> AUTH PLAIN Y29sMUByc21tYWlsLmNvbQBjb2wxQHJzbW1haWwuY29tAHRlc3RlcjEyMw==
2017-11-13 16:19:56,467 - [ 548590] S <-- 334 UGFzc3dvcmQ6
2017-11-13 16:19:56,485 - [ 548590] S <-- 535 5.7.3 Authentication unsuccessful.
2017-11-13 16:19:56,503 - [ 548590] C --> AUTH PLAIN Y29sMUByc21tYWlsLmNvbQB0ZXN0ZXIxMjMA
2017-11-13 16:19:56,503 - [ 548590] S <-- 334 UGFzc3dvcmQ6
As you can see the AUTH PLAIN is the issue. I cannot accept that type of authentication. How can I change that?
«
Last Edit: November 14, 2017, 12:56:23 am by dcol
»
Logged
bartjsmit
Hero Member
Posts: 2017
Karma: 194
Re: Trouble with SMTP notifications
«
Reply #1 on:
November 14, 2017, 08:14:13 am »
Are the recipients you want to notify all hosted on the mail server that you're connecting to?
If so, you don't need to authenticate at all - the server will accept mail for its authoritative domain(s) and even accept STARTTTLS without a login.
Bart...
Logged
dcol
Hero Member
Posts: 635
Karma: 51
Re: Trouble with SMTP notifications
«
Reply #2 on:
November 14, 2017, 03:57:55 pm »
No, the email servers are not on the OPNsense box. And whether I choose authentication or not I get the same results. The issue is both of my email servers do not support plain authentication, only normal. So I need to see if there is a way to change this in OPNsense, otherwise I will have to allow relay for the OPNsense WAN IP and I do not want to do that.
[UPDATE] Actually one of my email servers does support AUTH PLAIN and OPNsense still doesn't authenticate.
«
Last Edit: November 14, 2017, 04:05:37 pm by dcol
»
Logged
dcol
Hero Member
Posts: 635
Karma: 51
Re: Trouble with SMTP notifications
«
Reply #3 on:
November 14, 2017, 06:12:47 pm »
For now, until either the email server accepts AUTH PLAIN or I can get OPNsense to use normal password authentication, I just send the mail to a gmail account then forward the email to my email server. It at least works.
Logged
bartjsmit
Hero Member
Posts: 2017
Karma: 194
Re: Trouble with SMTP notifications
«
Reply #4 on:
November 14, 2017, 06:20:35 pm »
What software does your mail server run? Which host does your MX record point to?
Bart...
Logged
dcol
Hero Member
Posts: 635
Karma: 51
Re: Trouble with SMTP notifications
«
Reply #5 on:
November 14, 2017, 06:22:51 pm »
I use Smartermail on one system and Xeams on another. Neither can accept AUTH PLAIN logins. MX records are set depending on the domain.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
17.7 Legacy Series
»
Trouble with SMTP notifications