| View previous topic :: View next topic |
| Author |
Message |
jang0
n00b
Joined: 09 Nov 2020
Posts: 72
|
 Posted: Mon Apr 04, 2022 1:02 am Post subject: postfix dovecot migrating from courier |
 |
|
I'm setting up a mail server using postfix and dovecot, migrating it from courier. I've been successful to some extent: migrating mailboxes, reading postgresql databases, authenticating users using "doveadm" command and from roundcube. The problem arises when I try to authenticate using telnet and configuring SMTP as explain in this guide.
AUTH PLAIN output:
| Code: |
535 5.7.8 Error: authentication failed:
|
Could you please give me some advise?
Last edited by jang0 on Sat Apr 09, 2022 4:19 pm; edited 1 time in total |
|
| Back to top |
|
 |
szatox
Advocate
Joined: 27 Aug 2013
Posts: 3131
|
| Posted: Mon Apr 04, 2022 9:42 am Post subject: |
|
|
I don't think PLAIN AUTH is allowed over insecure connections by default. You must either use a dedicated SSL port or call STARTSSL first and then authenticate over encrypted connection.
AFAIR openssl s_client accepts -starttls flag and you might be able to use it instead of telnet for your test on port 25.
Edit: Also, port 25 is typically used for incoming mail, which does not require authentication in the first place, since your server has no way to know the sender talking to it via an external provider. Authentication is required for emails sent from the server's domains, and this happens on mail submission port, 587/tcp. Even though many servers do allow mail submission on port 25 too, you will sometimes find servers that don't. |
|
| Back to top |
|
|
jang0
n00b
Joined: 09 Nov 2020
Posts: 72
|
| Posted: Sat Apr 09, 2022 4:17 pm Post subject: |
|
|
Ok, I've continued and configured TLS certificates successfuly. At this moment sent emails go to spam folder, therefore I configured DKIM and send an email to check-auth@verifier.port25.com getting the following results:
| Code: |
SPF check: none
"iprev" check: pass
DKIM check: pass
|
Emails continue filtered as Spam. Is SPF indispensable for google servers receive my emails as trustworthy or could be another reasons involved? |
|
| Back to top |
|
|
szatox
Advocate
Joined: 27 Aug 2013
Posts: 3131
|
| Posted: Sat Apr 09, 2022 5:01 pm Post subject: |
|
|
The most likely reason is you have a new domains with no reputation, so all the big players hate you.
Many servers are happy accepting emails as long as either SPF or DKIM matches, you can control it to some degree with policy declared in a DMARC record.
This said, make sure you do have a correct SPF. Some servers are more paranoid than others.
Also, your IP may be more or less dirty from activities of previous users. If you send good mails for some time, your reputation with recipients should increase to the point they won't filter you out anymore, but it's not going to happen overnight.
Also, spam filters can take user's interactions into account, so ask recipients to mark your flagged emails as not spam, either by clicking a button offered in the webmail's UI or dragging them from spam folder to inbox. |
|
| Back to top |
|
|
freke
l33t
Joined: 23 Jan 2003
Posts: 975
Location: Somewhere in Denmark
|
| Posted: Sat Apr 09, 2022 5:39 pm Post subject: |
|
|
Could also be missing PTR-record/reverse dns?
ie. does your announced hostname match when somebody resolves your ip-address? |
|
| Back to top |
|
|
|
Networking & Security
