Postfix auth issue

Question

I'm currently facing auth issue. When I'm trying to auth via telnet, I face an issue

"535 5.7.8 Error: authentication failed: authentication failure"

I use password and login the same, as I use for login in my server, but It says, that login information is wrong.

Here is my telnet log:

telnet ....... 25
Trying ...........
Connected to .........
Escape character is '^]'.
220 ..........com ESMTP Postfix 
EHLO local.domain.name 
250-...........com 
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH DIGEST-MD5 CRAM-MD5 NTLM PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
auth login

Than I code my login and password in base64 and get error.

Here is my config file:

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
append_dot_mydomain = no
#delay_warning_time = 4h
readme_directory = no
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = .........
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = /etc/postfix/local-host-names
relayhost =
#mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mynetworks = 0.0.0.0/0
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
smtpd_sasl_auth_enable = yes
smtp_sasl_auth_enable = yes

home_mailbox = Maildir/
mailbox_command =
virtual_maps = hash:/etc/postfix/virtusertable

What am I missing here? Thanks

Answer 1

Read Postfix SASL Howto first. You are missing this:

Postfix does not implement SASL itself, but instead uses existing implementations as building blocks. This means that some SASL-related configuration files will belong to Postfix, while other configuration files belong to the specific SASL implementation that Postfix will use. This document covers both the Postfix and non-Postfix configuration.

Successful authentication in the Postfix SMTP server requires a functional SASL framework. Configuring SASL should therefore always be the first step, before configuring Postfix.

But that's only the beginning. You probably don't actually want to allow plain text authentication as you are currently doing, but use STARTTLS, instead. Then, authenticated users usually use submission on port 587 as port 25 is generally blocked on Internet connections that aren't intended for mail servers. Postfix and Dovecot SASL how-to from Dovecot wiki puts most of this nicely together with clear configuration examples.