Opensmtpd authentication error

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
11 messages Options
Reply | Threaded
Open this post in threaded view
|

Opensmtpd authentication error

Flipchan
Hello,
im trying to create a mail server and i keep getting opensmtpd authentication fail


i tried using neomutt and regular mutt, but no success


tail -f /var/log/maillog
Mar  6 18:15:37 mail dovecot: imap-login: Login: user=<[hidden email]>, method=PLAIN, rip=homeip, lip=server, mpid=54071, TLS, session=<GUjwbcJm/VRe/m7Z>
Mar  6 18:15:48 mail dovecot: imap-login: Login: user=<[hidden email]>, method=PLAIN, rip=homeip, lip=server, mpid=11081, TLS, session=<LwGSbsJm7oRe/m7Z>
Mar  6 18:15:55 mail smtpd[77144]: 7b289a2a8f3efe40 smtp event=connected address=homeip host=homeip
Mar  6 18:15:55 mail smtpd[77144]: 7b289a2a8f3efe40 smtp event=starttls address=homeip host=homeip ciphers="version=TLSv1.2, cipher=ECDHE-RSA-AES256-GCM-SHA384, bits=256"
Mar  6 18:15:55 mail smtpd[77144]: 7b289a2a8f3efe40 smtp event=authentication user=user address=homeip host=homeip result=permfail
Mar  6 18:15:56 mail smtpd[77144]: 7b289a2a8f3efe40 smtp event=failed-command address=homeip host=homeip command="AUTH PLAIN (...)" result="535 Authentication failed"
Mar  6 18:15:57 mail smtpd[77144]: 7b289a2a8f3efe40 smtp event=closed address=homeip host=homeip reason=disconnect

 



dovecot works so i can get imap but opensmtpd does work

im using openbsd6.2


# cat /etc/mail/smtpd.conf
pki mail.mysite.com certificate "/etc/ssl/mail.mysite.com.crt"
pki mail.mysite.com key "/etc/ssl/private/mail.mysite.com.key"

# tables setup
table aliases file:/etc/mail/aliases
table domains file:/etc/mail/domains
table passwd file:/etc/mail/passwd
table virtuals file:/etc/mail/virtuals

# listen ports setup
#listen on lo0
listen on vio0 port 25 tls-require pki mail.mysite.com
#listen on vio0 port 587 tls-require pki mail.mysite.com auth <passwd>
listen on vio0 port 587 smtps pki mail.mysite.com auth <passwd>
# special case for gmail to avoid ipv6 here
#limit mta for domain gmail.com inet4

# allow local messages
accept from local for local alias <aliases> deliver to lmtp "/var/dovecot/lmtp" rcpt-to
# allow virtual domains
accept from any for domain <domains> virtual <virtuals> deliver to lmtp "/var/dovecot/lmtp" rcpt-to
# allow outgoing mails
accept from local for any relay
#reject from ! source <other-relays> sender "@mysite.com" for any



both dovecot and smtpd reads passwd's from /etc/mail/passwd and only dovecot works, think its some kind of smtpd config that is wrong...



Does anyone know why it fails/has tips?


my mutt config:

# cat .mutt/muttrc                                                                                        
set my_user = '[hidden email]'
set smtp_url = 'smtps://[hidden email]:587'
set from = "user"
set realname = 'user'
set ssl_force_tls = yes
set ssl_starttls = yes
#imap
set imap_user = '[hidden email]'
#use user_agent = no
set imap_pass = 'useruser'
#set from = '[hidden email]'
#set realname = 'user'
set smtp_pass = 'useruser'
set folder = 'imap://mail.mysite.com'
set spoolfile = 'imap://mail.mysite.com/INBOX'
set postponed = 'imap://mail.mysite.com/Drafts'
set header_cache = '/home/test/mutt/cache/headers'
set message_cachedir = '/home/test/mutt/cache/bodies'




--
Take Care Sincerely flipchan layerprox dev
Reply | Threaded
Open this post in threaded view
|

Re: Opensmtpd authentication error

Edgar Pettijohn III-2

On Mar 6, 2018 12:48 PM, flipchan <[hidden email]> wrote:

>
> Hello,
> im trying to create a mail server and i keep getting opensmtpd authentication fail
>
>
> i tried using neomutt and regular mutt, but no success
>
>
> tail -f /var/log/maillog
> Mar  6 18:15:37 mail dovecot: imap-login: Login: user=<[hidden email]>, method=PLAIN, rip=homeip, lip=server, mpid=54071, TLS, session=<GUjwbcJm/VRe/m7Z>
> Mar  6 18:15:48 mail dovecot: imap-login: Login: user=<[hidden email]>, method=PLAIN, rip=homeip, lip=server, mpid=11081, TLS, session=<LwGSbsJm7oRe/m7Z>
> Mar  6 18:15:55 mail smtpd[77144]: 7b289a2a8f3efe40 smtp event=connected address=homeip host=homeip
> Mar  6 18:15:55 mail smtpd[77144]: 7b289a2a8f3efe40 smtp event=starttls address=homeip host=homeip ciphers="version=TLSv1.2, cipher=ECDHE-RSA-AES256-GCM-SHA384, bits=256"
> Mar  6 18:15:55 mail smtpd[77144]: 7b289a2a8f3efe40 smtp event=authentication user=user address=homeip host=homeip result=permfail
> Mar  6 18:15:56 mail smtpd[77144]: 7b289a2a8f3efe40 smtp event=failed-command address=homeip host=homeip command="AUTH PLAIN (...)" result="535 Authentication failed"
> Mar  6 18:15:57 mail smtpd[77144]: 7b289a2a8f3efe40 smtp event=closed address=homeip host=homeip reason=disconnect
>
>
>
>
>
> dovecot works so i can get imap but opensmtpd does work
>
> im using openbsd6.2
>
>
> # cat /etc/mail/smtpd.conf
> pki mail.mysite.com certificate "/etc/ssl/mail.mysite.com.crt"
> pki mail.mysite.com key "/etc/ssl/private/mail.mysite.com.key"
>
> # tables setup
> table aliases file:/etc/mail/aliases
> table domains file:/etc/mail/domains
> table passwd file:/etc/mail/passwd

Is this a passwd file in passwd format from the extras package?  If so try:

table passwd passwd:/etc/mail/passwd

> table virtuals file:/etc/mail/virtuals
>
> # listen ports setup
> #listen on lo0
> listen on vio0 port 25 tls-require pki mail.mysite.com
> #listen on vio0 port 587 tls-require pki mail.mysite.com auth <passwd>
> listen on vio0 port 587 smtps pki mail.mysite.com auth <passwd>
> # special case for gmail to avoid ipv6 here
> #limit mta for domain gmail.com inet4
>
> # allow local messages
> accept from local for local alias <aliases> deliver to lmtp "/var/dovecot/lmtp" rcpt-to
> # allow virtual domains
> accept from any for domain <domains> virtual <virtuals> deliver to lmtp "/var/dovecot/lmtp" rcpt-to
> # allow outgoing mails
> accept from local for any relay
> #reject from ! source <other-relays> sender "@mysite.com" for any
>
>
>
> both dovecot and smtpd reads passwd's from /etc/mail/passwd and only dovecot works, think its some kind of smtpd config that is wrong...
>
>
>
> Does anyone know why it fails/has tips?
>
>
> my mutt config:
>
> # cat .mutt/muttrc                                                                                        
> set my_user = '[hidden email]'
> set smtp_url = 'smtps://[hidden email]:587'
> set from = "user"
> set realname = 'user'
> set ssl_force_tls = yes
> set ssl_starttls = yes
> #imap
> set imap_user = '[hidden email]'
> #use user_agent = no
> set imap_pass = 'useruser'
> #set from = '[hidden email]'
> #set realname = 'user'
> set smtp_pass = 'useruser'
> set folder = 'imap://mail.mysite.com'
> set spoolfile = 'imap://mail.mysite.com/INBOX'
> set postponed = 'imap://mail.mysite.com/Drafts'
> set header_cache = '/home/test/mutt/cache/headers'
> set message_cachedir = '/home/test/mutt/cache/bodies'
>
>
>
>
> --
> Take Care Sincerely flipchan layerprox dev

Reply | Threaded
Open this post in threaded view
|

Re: Opensmtpd authentication error

trondd-2
In reply to this post by Flipchan
On Tue, March 6, 2018 1:48 pm, flipchan wrote:

> Hello,
> im trying to create a mail server and i keep getting opensmtpd
> authentication fail
>
>
> i tried using neomutt and regular mutt, but no success
>
>
> tail -f /var/log/maillog
> Mar  6 18:15:37 mail dovecot: imap-login: Login: user=<[hidden email]>,
> method=PLAIN, rip=homeip, lip=server, mpid=54071, TLS,
> session=<GUjwbcJm/VRe/m7Z>
> Mar  6 18:15:48 mail dovecot: imap-login: Login: user=<[hidden email]>,
> method=PLAIN, rip=homeip, lip=server, mpid=11081, TLS,
> session=<LwGSbsJm7oRe/m7Z>
> Mar  6 18:15:55 mail smtpd[77144]: 7b289a2a8f3efe40 smtp event=connected
> address=homeip host=homeip
> Mar  6 18:15:55 mail smtpd[77144]: 7b289a2a8f3efe40 smtp event=starttls
> address=homeip host=homeip ciphers="version=TLSv1.2,
> cipher=ECDHE-RSA-AES256-GCM-SHA384, bits=256"
> Mar  6 18:15:55 mail smtpd[77144]: 7b289a2a8f3efe40 smtp
> event=authentication user=user address=homeip host=homeip result=permfail
> Mar  6 18:15:56 mail smtpd[77144]: 7b289a2a8f3efe40 smtp
> event=failed-command address=homeip host=homeip command="AUTH PLAIN (...)"
> result="535 Authentication failed"
> Mar  6 18:15:57 mail smtpd[77144]: 7b289a2a8f3efe40 smtp event=closed
> address=homeip host=homeip reason=disconnect
>
>
>
>
>
> dovecot works so i can get imap but opensmtpd does work
>
> im using openbsd6.2
>
>
> # cat /etc/mail/smtpd.conf
> pki mail.mysite.com certificate "/etc/ssl/mail.mysite.com.crt"
> pki mail.mysite.com key "/etc/ssl/private/mail.mysite.com.key"
>
> # tables setup
> table aliases file:/etc/mail/aliases
> table domains file:/etc/mail/domains
> table passwd file:/etc/mail/passwd
> table virtuals file:/etc/mail/virtuals
>
> # listen ports setup
> #listen on lo0
> listen on vio0 port 25 tls-require pki mail.mysite.com
> #listen on vio0 port 587 tls-require pki mail.mysite.com auth <passwd>
> listen on vio0 port 587 smtps pki mail.mysite.com auth <passwd>
> # special case for gmail to avoid ipv6 here
> #limit mta for domain gmail.com inet4
>
> # allow local messages
> accept from local for local alias <aliases> deliver to lmtp
> "/var/dovecot/lmtp" rcpt-to
> # allow virtual domains
> accept from any for domain <domains> virtual <virtuals> deliver to lmtp
> "/var/dovecot/lmtp" rcpt-to
> # allow outgoing mails
> accept from local for any relay
> #reject from ! source <other-relays> sender "@mysite.com" for any
>
>
>
> both dovecot and smtpd reads passwd's from /etc/mail/passwd and only
> dovecot works, think its some kind of smtpd config that is wrong...
>

Is the password encrypted properly?

     In a listener context, the credentials are a mapping of username and
     encrypted passwords:

           user1  
$2b$10$hIJ4QfMcp.90nJwKqGbKM.MybArjHOTpEtoTV.DgLYAiThuoYmTSe
           user2  
$2b$10$bwSmUOBGcZGamIfRuXGTvuTo3VLbPG9k5yeKNMBtULBhksV5KdGsK

     The passwords are to be encrypted using the smtpctl(8) encrypt
     subcommand.

Reply | Threaded
Open this post in threaded view
|

Re: Opensmtpd authentication error

Flipchan
smtpctl encrypt mypassword

Then syntax
user:password ?

On March 6, 2018 9:46:26 PM UTC, trondd <[hidden email]> wrote:

>On Tue, March 6, 2018 1:48 pm, flipchan wrote:
>> Hello,
>> im trying to create a mail server and i keep getting opensmtpd
>> authentication fail
>>
>>
>> i tried using neomutt and regular mutt, but no success
>>
>>
>> tail -f /var/log/maillog
>> Mar  6 18:15:37 mail dovecot: imap-login: Login:
>user=<[hidden email]>,
>> method=PLAIN, rip=homeip, lip=server, mpid=54071, TLS,
>> session=<GUjwbcJm/VRe/m7Z>
>> Mar  6 18:15:48 mail dovecot: imap-login: Login:
>user=<[hidden email]>,
>> method=PLAIN, rip=homeip, lip=server, mpid=11081, TLS,
>> session=<LwGSbsJm7oRe/m7Z>
>> Mar  6 18:15:55 mail smtpd[77144]: 7b289a2a8f3efe40 smtp
>event=connected
>> address=homeip host=homeip
>> Mar  6 18:15:55 mail smtpd[77144]: 7b289a2a8f3efe40 smtp
>event=starttls
>> address=homeip host=homeip ciphers="version=TLSv1.2,
>> cipher=ECDHE-RSA-AES256-GCM-SHA384, bits=256"
>> Mar  6 18:15:55 mail smtpd[77144]: 7b289a2a8f3efe40 smtp
>> event=authentication user=user address=homeip host=homeip
>result=permfail
>> Mar  6 18:15:56 mail smtpd[77144]: 7b289a2a8f3efe40 smtp
>> event=failed-command address=homeip host=homeip command="AUTH PLAIN
>(...)"
>> result="535 Authentication failed"
>> Mar  6 18:15:57 mail smtpd[77144]: 7b289a2a8f3efe40 smtp event=closed
>> address=homeip host=homeip reason=disconnect
>>
>>
>>
>>
>>
>> dovecot works so i can get imap but opensmtpd does work
>>
>> im using openbsd6.2
>>
>>
>> # cat /etc/mail/smtpd.conf
>> pki mail.mysite.com certificate "/etc/ssl/mail.mysite.com.crt"
>> pki mail.mysite.com key "/etc/ssl/private/mail.mysite.com.key"
>>
>> # tables setup
>> table aliases file:/etc/mail/aliases
>> table domains file:/etc/mail/domains
>> table passwd file:/etc/mail/passwd
>> table virtuals file:/etc/mail/virtuals
>>
>> # listen ports setup
>> #listen on lo0
>> listen on vio0 port 25 tls-require pki mail.mysite.com
>> #listen on vio0 port 587 tls-require pki mail.mysite.com auth
><passwd>
>> listen on vio0 port 587 smtps pki mail.mysite.com auth <passwd>
>> # special case for gmail to avoid ipv6 here
>> #limit mta for domain gmail.com inet4
>>
>> # allow local messages
>> accept from local for local alias <aliases> deliver to lmtp
>> "/var/dovecot/lmtp" rcpt-to
>> # allow virtual domains
>> accept from any for domain <domains> virtual <virtuals> deliver to
>lmtp
>> "/var/dovecot/lmtp" rcpt-to
>> # allow outgoing mails
>> accept from local for any relay
>> #reject from ! source <other-relays> sender "@mysite.com" for any
>>
>>
>>
>> both dovecot and smtpd reads passwd's from /etc/mail/passwd and only
>> dovecot works, think its some kind of smtpd config that is wrong...
>>
>
>Is the password encrypted properly?
>
>   In a listener context, the credentials are a mapping of username and
>     encrypted passwords:
>
>           user1  
>$2b$10$hIJ4QfMcp.90nJwKqGbKM.MybArjHOTpEtoTV.DgLYAiThuoYmTSe
>           user2  
>$2b$10$bwSmUOBGcZGamIfRuXGTvuTo3VLbPG9k5yeKNMBtULBhksV5KdGsK
>
>     The passwords are to be encrypted using the smtpctl(8) encrypt
>     subcommand.

--
Take Care Sincerely flipchan layerprox dev
Reply | Threaded
Open this post in threaded view
|

Re: Opensmtpd authentication error

trondd-2
On Wed, March 7, 2018 10:06 am, flipchan wrote:

> smtpctl encrypt mypassword
>
> Then syntax
> user:password ?
>
> On March 6, 2018 9:46:26 PM UTC, trondd <[hidden email]> wrote:
>>On Tue, March 6, 2018 1:48 pm, flipchan wrote:
>>> Hello,
>>> im trying to create a mail server and i keep getting opensmtpd
>>> authentication fail
>>>
>>>
>>> i tried using neomutt and regular mutt, but no success
>>>
>>>
>>> tail -f /var/log/maillog
>>> Mar  6 18:15:37 mail dovecot: imap-login: Login:
>>user=<[hidden email]>,
>>> method=PLAIN, rip=homeip, lip=server, mpid=54071, TLS,
>>> session=<GUjwbcJm/VRe/m7Z>
>>> Mar  6 18:15:48 mail dovecot: imap-login: Login:
>>user=<[hidden email]>,
>>> method=PLAIN, rip=homeip, lip=server, mpid=11081, TLS,
>>> session=<LwGSbsJm7oRe/m7Z>
>>> Mar  6 18:15:55 mail smtpd[77144]: 7b289a2a8f3efe40 smtp
>>event=connected
>>> address=homeip host=homeip
>>> Mar  6 18:15:55 mail smtpd[77144]: 7b289a2a8f3efe40 smtp
>>event=starttls
>>> address=homeip host=homeip ciphers="version=TLSv1.2,
>>> cipher=ECDHE-RSA-AES256-GCM-SHA384, bits=256"
>>> Mar  6 18:15:55 mail smtpd[77144]: 7b289a2a8f3efe40 smtp
>>> event=authentication user=user address=homeip host=homeip
>>result=permfail
>>> Mar  6 18:15:56 mail smtpd[77144]: 7b289a2a8f3efe40 smtp
>>> event=failed-command address=homeip host=homeip command="AUTH PLAIN
>>(...)"
>>> result="535 Authentication failed"
>>> Mar  6 18:15:57 mail smtpd[77144]: 7b289a2a8f3efe40 smtp event=closed
>>> address=homeip host=homeip reason=disconnect
>>>
>>>
>>>
>>>
>>>
>>> dovecot works so i can get imap but opensmtpd does work
>>>
>>> im using openbsd6.2
>>>
>>>
>>> # cat /etc/mail/smtpd.conf
>>> pki mail.mysite.com certificate "/etc/ssl/mail.mysite.com.crt"
>>> pki mail.mysite.com key "/etc/ssl/private/mail.mysite.com.key"
>>>
>>> # tables setup
>>> table aliases file:/etc/mail/aliases
>>> table domains file:/etc/mail/domains
>>> table passwd file:/etc/mail/passwd
>>> table virtuals file:/etc/mail/virtuals
>>>
>>> # listen ports setup
>>> #listen on lo0
>>> listen on vio0 port 25 tls-require pki mail.mysite.com
>>> #listen on vio0 port 587 tls-require pki mail.mysite.com auth
>><passwd>
>>> listen on vio0 port 587 smtps pki mail.mysite.com auth <passwd>
>>> # special case for gmail to avoid ipv6 here
>>> #limit mta for domain gmail.com inet4
>>>
>>> # allow local messages
>>> accept from local for local alias <aliases> deliver to lmtp
>>> "/var/dovecot/lmtp" rcpt-to
>>> # allow virtual domains
>>> accept from any for domain <domains> virtual <virtuals> deliver to
>>lmtp
>>> "/var/dovecot/lmtp" rcpt-to
>>> # allow outgoing mails
>>> accept from local for any relay
>>> #reject from ! source <other-relays> sender "@mysite.com" for any
>>>
>>>
>>>
>>> both dovecot and smtpd reads passwd's from /etc/mail/passwd and only
>>> dovecot works, think its some kind of smtpd config that is wrong...
>>>
>>
>>Is the password encrypted properly?
>>
>>   In a listener context, the credentials are a mapping of username and
>>     encrypted passwords:
>>
>>           user1
>>$2b$10$hIJ4QfMcp.90nJwKqGbKM.MybArjHOTpEtoTV.DgLYAiThuoYmTSe
>>           user2
>>$2b$10$bwSmUOBGcZGamIfRuXGTvuTo3VLbPG9k5yeKNMBtULBhksV5KdGsK
>>
>>     The passwords are to be encrypted using the smtpctl(8) encrypt
>>     subcommand.
>
> --
> Take Care Sincerely flipchan layerprox dev
>

This comes from the table(5) man page.

The file will be:
username encryptedpassword

Reply | Threaded
Open this post in threaded view
|

Re: Opensmtpd authentication error

Edgar Pettijohn III-2
In reply to this post by Flipchan

On Mar 7, 2018 9:06 AM, flipchan <[hidden email]> wrote:
>
> smtpctl encrypt mypassword
>
> Then syntax
> user:password ?

Should be whitespace

user encryptedpassword

>
> On March 6, 2018 9:46:26 PM UTC, trondd <[hidden email]> wrote:
> >On Tue, March 6, 2018 1:48 pm, flipchan wrote:
> >> Hello,
> >> im trying to create a mail server and i keep getting opensmtpd
> >> authentication fail
> >>
> >>
> >> i tried using neomutt and regular mutt, but no success
> >>
> >>
> >> tail -f /var/log/maillog
> >> Mar  6 18:15:37 mail dovecot: imap-login: Login:
> >user=<[hidden email]>,
> >> method=PLAIN, rip=homeip, lip=server, mpid=54071, TLS,
> >> session=<GUjwbcJm/VRe/m7Z>
> >> Mar  6 18:15:48 mail dovecot: imap-login: Login:
> >user=<[hidden email]>,
> >> method=PLAIN, rip=homeip, lip=server, mpid=11081, TLS,
> >> session=<LwGSbsJm7oRe/m7Z>
> >> Mar  6 18:15:55 mail smtpd[77144]: 7b289a2a8f3efe40 smtp
> >event=connected
> >> address=homeip host=homeip
> >> Mar  6 18:15:55 mail smtpd[77144]: 7b289a2a8f3efe40 smtp
> >event=starttls
> >> address=homeip host=homeip ciphers="version=TLSv1.2,
> >> cipher=ECDHE-RSA-AES256-GCM-SHA384, bits=256"
> >> Mar  6 18:15:55 mail smtpd[77144]: 7b289a2a8f3efe40 smtp
> >> event=authentication user=user address=homeip host=homeip
> >result=permfail
> >> Mar  6 18:15:56 mail smtpd[77144]: 7b289a2a8f3efe40 smtp
> >> event=failed-command address=homeip host=homeip command="AUTH PLAIN
> >(...)"
> >> result="535 Authentication failed"
> >> Mar  6 18:15:57 mail smtpd[77144]: 7b289a2a8f3efe40 smtp event=closed
> >> address=homeip host=homeip reason=disconnect
> >>
> >>
> >>
> >>
> >>
> >> dovecot works so i can get imap but opensmtpd does work
> >>
> >> im using openbsd6.2
> >>
> >>
> >> # cat /etc/mail/smtpd.conf
> >> pki mail.mysite.com certificate "/etc/ssl/mail.mysite.com.crt"
> >> pki mail.mysite.com key "/etc/ssl/private/mail.mysite.com.key"
> >>
> >> # tables setup
> >> table aliases file:/etc/mail/aliases
> >> table domains file:/etc/mail/domains
> >> table passwd file:/etc/mail/passwd
> >> table virtuals file:/etc/mail/virtuals
> >>
> >> # listen ports setup
> >> #listen on lo0
> >> listen on vio0 port 25 tls-require pki mail.mysite.com
> >> #listen on vio0 port 587 tls-require pki mail.mysite.com auth
> ><passwd>
> >> listen on vio0 port 587 smtps pki mail.mysite.com auth <passwd>
> >> # special case for gmail to avoid ipv6 here
> >> #limit mta for domain gmail.com inet4
> >>
> >> # allow local messages
> >> accept from local for local alias <aliases> deliver to lmtp
> >> "/var/dovecot/lmtp" rcpt-to
> >> # allow virtual domains
> >> accept from any for domain <domains> virtual <virtuals> deliver to
> >lmtp
> >> "/var/dovecot/lmtp" rcpt-to
> >> # allow outgoing mails
> >> accept from local for any relay
> >> #reject from ! source <other-relays> sender "@mysite.com" for any
> >>
> >>
> >>
> >> both dovecot and smtpd reads passwd's from /etc/mail/passwd and only
> >> dovecot works, think its some kind of smtpd config that is wrong...
> >>
> >
> >Is the password encrypted properly?
> >
> >   In a listener context, the credentials are a mapping of username and
> >     encrypted passwords:
> >
> >           user1 
> >$2b$10$hIJ4QfMcp.90nJwKqGbKM.MybArjHOTpEtoTV.DgLYAiThuoYmTSe
> >           user2 
> >$2b$10$bwSmUOBGcZGamIfRuXGTvuTo3VLbPG9k5yeKNMBtULBhksV5KdGsK
> >
> >     The passwords are to be encrypted using the smtpctl(8) encrypt
> >     subcommand.
>
> --
> Take Care Sincerely flipchan layerprox dev

Reply | Threaded
Open this post in threaded view
|

Re: Opensmtpd authentication error

Flipchan
In reply to this post by trondd-2
Yeah, they are encrypted using smtpctl and the syntax with space doesnt work and in other ppls configurations they have passwd instead of file but its not supported anymore it seems like

On March 7, 2018 3:19:18 PM UTC, trondd <[hidden email]> wrote:

>On Wed, March 7, 2018 10:06 am, flipchan wrote:
>> smtpctl encrypt mypassword
>>
>> Then syntax
>> user:password ?
>>
>> On March 6, 2018 9:46:26 PM UTC, trondd <[hidden email]>
>wrote:
>>>On Tue, March 6, 2018 1:48 pm, flipchan wrote:
>>>> Hello,
>>>> im trying to create a mail server and i keep getting opensmtpd
>>>> authentication fail
>>>>
>>>>
>>>> i tried using neomutt and regular mutt, but no success
>>>>
>>>>
>>>> tail -f /var/log/maillog
>>>> Mar  6 18:15:37 mail dovecot: imap-login: Login:
>>>user=<[hidden email]>,
>>>> method=PLAIN, rip=homeip, lip=server, mpid=54071, TLS,
>>>> session=<GUjwbcJm/VRe/m7Z>
>>>> Mar  6 18:15:48 mail dovecot: imap-login: Login:
>>>user=<[hidden email]>,
>>>> method=PLAIN, rip=homeip, lip=server, mpid=11081, TLS,
>>>> session=<LwGSbsJm7oRe/m7Z>
>>>> Mar  6 18:15:55 mail smtpd[77144]: 7b289a2a8f3efe40 smtp
>>>event=connected
>>>> address=homeip host=homeip
>>>> Mar  6 18:15:55 mail smtpd[77144]: 7b289a2a8f3efe40 smtp
>>>event=starttls
>>>> address=homeip host=homeip ciphers="version=TLSv1.2,
>>>> cipher=ECDHE-RSA-AES256-GCM-SHA384, bits=256"
>>>> Mar  6 18:15:55 mail smtpd[77144]: 7b289a2a8f3efe40 smtp
>>>> event=authentication user=user address=homeip host=homeip
>>>result=permfail
>>>> Mar  6 18:15:56 mail smtpd[77144]: 7b289a2a8f3efe40 smtp
>>>> event=failed-command address=homeip host=homeip command="AUTH PLAIN
>>>(...)"
>>>> result="535 Authentication failed"
>>>> Mar  6 18:15:57 mail smtpd[77144]: 7b289a2a8f3efe40 smtp
>event=closed
>>>> address=homeip host=homeip reason=disconnect
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> dovecot works so i can get imap but opensmtpd does work
>>>>
>>>> im using openbsd6.2
>>>>
>>>>
>>>> # cat /etc/mail/smtpd.conf
>>>> pki mail.mysite.com certificate "/etc/ssl/mail.mysite.com.crt"
>>>> pki mail.mysite.com key "/etc/ssl/private/mail.mysite.com.key"
>>>>
>>>> # tables setup
>>>> table aliases file:/etc/mail/aliases
>>>> table domains file:/etc/mail/domains
>>>> table passwd file:/etc/mail/passwd
>>>> table virtuals file:/etc/mail/virtuals
>>>>
>>>> # listen ports setup
>>>> #listen on lo0
>>>> listen on vio0 port 25 tls-require pki mail.mysite.com
>>>> #listen on vio0 port 587 tls-require pki mail.mysite.com auth
>>><passwd>
>>>> listen on vio0 port 587 smtps pki mail.mysite.com auth <passwd>
>>>> # special case for gmail to avoid ipv6 here
>>>> #limit mta for domain gmail.com inet4
>>>>
>>>> # allow local messages
>>>> accept from local for local alias <aliases> deliver to lmtp
>>>> "/var/dovecot/lmtp" rcpt-to
>>>> # allow virtual domains
>>>> accept from any for domain <domains> virtual <virtuals> deliver to
>>>lmtp
>>>> "/var/dovecot/lmtp" rcpt-to
>>>> # allow outgoing mails
>>>> accept from local for any relay
>>>> #reject from ! source <other-relays> sender "@mysite.com" for any
>>>>
>>>>
>>>>
>>>> both dovecot and smtpd reads passwd's from /etc/mail/passwd and
>only
>>>> dovecot works, think its some kind of smtpd config that is wrong...
>>>>
>>>
>>>Is the password encrypted properly?
>>>
>>>   In a listener context, the credentials are a mapping of username
>and
>>>     encrypted passwords:
>>>
>>>           user1
>>>$2b$10$hIJ4QfMcp.90nJwKqGbKM.MybArjHOTpEtoTV.DgLYAiThuoYmTSe
>>>           user2
>>>$2b$10$bwSmUOBGcZGamIfRuXGTvuTo3VLbPG9k5yeKNMBtULBhksV5KdGsK
>>>
>>>     The passwords are to be encrypted using the smtpctl(8) encrypt
>>>     subcommand.
>>
>> --
>> Take Care Sincerely flipchan layerprox dev
>>
>
>This comes from the table(5) man page.
>
>The file will be:
>username encryptedpassword

--
Take Care Sincerely flipchan layerprox dev
Reply | Threaded
Open this post in threaded view
|

Re: Opensmtpd authentication error

Edgar Pettijohn III-2
In reply to this post by Flipchan
You have to install opensmtpd-extras package to use the passwd table.
On Mar 7, 2018 3:21 PM, flipchan <[hidden email]> wrote:

>
> Yeah, they are encrypted using smtpctl and the syntax with space doesnt work and in other ppls configurations they have passwd instead of file but its not supported anymore it seems like
>
> On March 7, 2018 3:19:18 PM UTC, trondd <[hidden email]> wrote:
> >On Wed, March 7, 2018 10:06 am, flipchan wrote:
> >> smtpctl encrypt mypassword
> >>
> >> Then syntax
> >> user:password ?
> >>
> >> On March 6, 2018 9:46:26 PM UTC, trondd <[hidden email]>
> >wrote:
> >>>On Tue, March 6, 2018 1:48 pm, flipchan wrote:
> >>>> Hello,
> >>>> im trying to create a mail server and i keep getting opensmtpd
> >>>> authentication fail
> >>>>
> >>>>
> >>>> i tried using neomutt and regular mutt, but no success
> >>>>
> >>>>
> >>>> tail -f /var/log/maillog
> >>>> Mar  6 18:15:37 mail dovecot: imap-login: Login:
> >>>user=<[hidden email]>,
> >>>> method=PLAIN, rip=homeip, lip=server, mpid=54071, TLS,
> >>>> session=<GUjwbcJm/VRe/m7Z>
> >>>> Mar  6 18:15:48 mail dovecot: imap-login: Login:
> >>>user=<[hidden email]>,
> >>>> method=PLAIN, rip=homeip, lip=server, mpid=11081, TLS,
> >>>> session=<LwGSbsJm7oRe/m7Z>
> >>>> Mar  6 18:15:55 mail smtpd[77144]: 7b289a2a8f3efe40 smtp
> >>>event=connected
> >>>> address=homeip host=homeip
> >>>> Mar  6 18:15:55 mail smtpd[77144]: 7b289a2a8f3efe40 smtp
> >>>event=starttls
> >>>> address=homeip host=homeip ciphers="version=TLSv1.2,
> >>>> cipher=ECDHE-RSA-AES256-GCM-SHA384, bits=256"
> >>>> Mar  6 18:15:55 mail smtpd[77144]: 7b289a2a8f3efe40 smtp
> >>>> event=authentication user=user address=homeip host=homeip
> >>>result=permfail
> >>>> Mar  6 18:15:56 mail smtpd[77144]: 7b289a2a8f3efe40 smtp
> >>>> event=failed-command address=homeip host=homeip command="AUTH PLAIN
> >>>(...)"
> >>>> result="535 Authentication failed"
> >>>> Mar  6 18:15:57 mail smtpd[77144]: 7b289a2a8f3efe40 smtp
> >event=closed
> >>>> address=homeip host=homeip reason=disconnect
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>> dovecot works so i can get imap but opensmtpd does work
> >>>>
> >>>> im using openbsd6.2
> >>>>
> >>>>
> >>>> # cat /etc/mail/smtpd.conf
> >>>> pki mail.mysite.com certificate "/etc/ssl/mail.mysite.com.crt"
> >>>> pki mail.mysite.com key "/etc/ssl/private/mail.mysite.com.key"
> >>>>
> >>>> # tables setup
> >>>> table aliases file:/etc/mail/aliases
> >>>> table domains file:/etc/mail/domains
> >>>> table passwd file:/etc/mail/passwd
> >>>> table virtuals file:/etc/mail/virtuals
> >>>>
> >>>> # listen ports setup
> >>>> #listen on lo0
> >>>> listen on vio0 port 25 tls-require pki mail.mysite.com
> >>>> #listen on vio0 port 587 tls-require pki mail.mysite.com auth
> >>><passwd>
> >>>> listen on vio0 port 587 smtps pki mail.mysite.com auth <passwd>
> >>>> # special case for gmail to avoid ipv6 here
> >>>> #limit mta for domain gmail.com inet4
> >>>>
> >>>> # allow local messages
> >>>> accept from local for local alias <aliases> deliver to lmtp
> >>>> "/var/dovecot/lmtp" rcpt-to
> >>>> # allow virtual domains
> >>>> accept from any for domain <domains> virtual <virtuals> deliver to
> >>>lmtp
> >>>> "/var/dovecot/lmtp" rcpt-to
> >>>> # allow outgoing mails
> >>>> accept from local for any relay
> >>>> #reject from ! source <other-relays> sender "@mysite.com" for any
> >>>>
> >>>>
> >>>>
> >>>> both dovecot and smtpd reads passwd's from /etc/mail/passwd and
> >only
> >>>> dovecot works, think its some kind of smtpd config that is wrong...
> >>>>
> >>>
> >>>Is the password encrypted properly?
> >>>
> >>>   In a listener context, the credentials are a mapping of username
> >and
> >>>     encrypted passwords:
> >>>
> >>>           user1
> >>>$2b$10$hIJ4QfMcp.90nJwKqGbKM.MybArjHOTpEtoTV.DgLYAiThuoYmTSe
> >>>           user2
> >>>$2b$10$bwSmUOBGcZGamIfRuXGTvuTo3VLbPG9k5yeKNMBtULBhksV5KdGsK
> >>>
> >>>     The passwords are to be encrypted using the smtpctl(8) encrypt
> >>>     subcommand.
> >>
> >> --
> >> Take Care Sincerely flipchan layerprox dev
> >>
> >
> >This comes from the table(5) man page.
> >
> >The file will be:
> >username encryptedpassword
>
> --
> Take Care Sincerely flipchan layerprox dev

Reply | Threaded
Open this post in threaded view
|

Re: Opensmtpd authentication error

Flipchan
In reply to this post by Flipchan
Okey i installed opensmtpd-extra and tried a cleaner smtpd.conf file: dpaste.com/255DGXH.txt

Same authentication failed when i try in mutt

On March 7, 2018 9:25:18 PM UTC, [hidden email] wrote:

>You have to install opensmtpd-extras package to use the passwd table.
>On Mar 7, 2018 3:21 PM, flipchan <[hidden email]> wrote:
>>
>> Yeah, they are encrypted using smtpctl and the syntax with space
>doesnt work and in other ppls configurations they have passwd instead
>of file but its not supported anymore it seems like
>>
>> On March 7, 2018 3:19:18 PM UTC, trondd <[hidden email]>
>wrote:
>> >On Wed, March 7, 2018 10:06 am, flipchan wrote:
>> >> smtpctl encrypt mypassword
>> >>
>> >> Then syntax
>> >> user:password ?
>> >>
>> >> On March 6, 2018 9:46:26 PM UTC, trondd <[hidden email]>
>> >wrote:
>> >>>On Tue, March 6, 2018 1:48 pm, flipchan wrote:
>> >>>> Hello,
>> >>>> im trying to create a mail server and i keep getting opensmtpd
>> >>>> authentication fail
>> >>>>
>> >>>>
>> >>>> i tried using neomutt and regular mutt, but no success
>> >>>>
>> >>>>
>> >>>> tail -f /var/log/maillog
>> >>>> Mar  6 18:15:37 mail dovecot: imap-login: Login:
>> >>>user=<[hidden email]>,
>> >>>> method=PLAIN, rip=homeip, lip=server, mpid=54071, TLS,
>> >>>> session=<GUjwbcJm/VRe/m7Z>
>> >>>> Mar  6 18:15:48 mail dovecot: imap-login: Login:
>> >>>user=<[hidden email]>,
>> >>>> method=PLAIN, rip=homeip, lip=server, mpid=11081, TLS,
>> >>>> session=<LwGSbsJm7oRe/m7Z>
>> >>>> Mar  6 18:15:55 mail smtpd[77144]: 7b289a2a8f3efe40 smtp
>> >>>event=connected
>> >>>> address=homeip host=homeip
>> >>>> Mar  6 18:15:55 mail smtpd[77144]: 7b289a2a8f3efe40 smtp
>> >>>event=starttls
>> >>>> address=homeip host=homeip ciphers="version=TLSv1.2,
>> >>>> cipher=ECDHE-RSA-AES256-GCM-SHA384, bits=256"
>> >>>> Mar  6 18:15:55 mail smtpd[77144]: 7b289a2a8f3efe40 smtp
>> >>>> event=authentication user=user address=homeip host=homeip
>> >>>result=permfail
>> >>>> Mar  6 18:15:56 mail smtpd[77144]: 7b289a2a8f3efe40 smtp
>> >>>> event=failed-command address=homeip host=homeip command="AUTH
>PLAIN
>> >>>(...)"
>> >>>> result="535 Authentication failed"
>> >>>> Mar  6 18:15:57 mail smtpd[77144]: 7b289a2a8f3efe40 smtp
>> >event=closed
>> >>>> address=homeip host=homeip reason=disconnect
>> >>>>
>> >>>>
>> >>>>
>> >>>>
>> >>>>
>> >>>> dovecot works so i can get imap but opensmtpd does work
>> >>>>
>> >>>> im using openbsd6.2
>> >>>>
>> >>>>
>> >>>> # cat /etc/mail/smtpd.conf
>> >>>> pki mail.mysite.com certificate "/etc/ssl/mail.mysite.com.crt"
>> >>>> pki mail.mysite.com key "/etc/ssl/private/mail.mysite.com.key"
>> >>>>
>> >>>> # tables setup
>> >>>> table aliases file:/etc/mail/aliases
>> >>>> table domains file:/etc/mail/domains
>> >>>> table passwd file:/etc/mail/passwd
>> >>>> table virtuals file:/etc/mail/virtuals
>> >>>>
>> >>>> # listen ports setup
>> >>>> #listen on lo0
>> >>>> listen on vio0 port 25 tls-require pki mail.mysite.com
>> >>>> #listen on vio0 port 587 tls-require pki mail.mysite.com auth
>> >>><passwd>
>> >>>> listen on vio0 port 587 smtps pki mail.mysite.com auth <passwd>
>> >>>> # special case for gmail to avoid ipv6 here
>> >>>> #limit mta for domain gmail.com inet4
>> >>>>
>> >>>> # allow local messages
>> >>>> accept from local for local alias <aliases> deliver to lmtp
>> >>>> "/var/dovecot/lmtp" rcpt-to
>> >>>> # allow virtual domains
>> >>>> accept from any for domain <domains> virtual <virtuals> deliver
>to
>> >>>lmtp
>> >>>> "/var/dovecot/lmtp" rcpt-to
>> >>>> # allow outgoing mails
>> >>>> accept from local for any relay
>> >>>> #reject from ! source <other-relays> sender "@mysite.com" for
>any
>> >>>>
>> >>>>
>> >>>>
>> >>>> both dovecot and smtpd reads passwd's from /etc/mail/passwd and
>> >only
>> >>>> dovecot works, think its some kind of smtpd config that is
>wrong...
>> >>>>
>> >>>
>> >>>Is the password encrypted properly?
>> >>>
>> >>>   In a listener context, the credentials are a mapping of
>username
>> >and
>> >>>     encrypted passwords:
>> >>>
>> >>>           user1
>> >>>$2b$10$hIJ4QfMcp.90nJwKqGbKM.MybArjHOTpEtoTV.DgLYAiThuoYmTSe
>> >>>           user2
>> >>>$2b$10$bwSmUOBGcZGamIfRuXGTvuTo3VLbPG9k5yeKNMBtULBhksV5KdGsK
>> >>>
>> >>>     The passwords are to be encrypted using the smtpctl(8)
>encrypt
>> >>>     subcommand.
>> >>
>> >> --
>> >> Take Care Sincerely flipchan layerprox dev
>> >>
>> >
>> >This comes from the table(5) man page.
>> >
>> >The file will be:
>> >username encryptedpassword
>>
>> --
>> Take Care Sincerely flipchan layerprox dev

--
Take Care Sincerely flipchan layerprox dev
Reply | Threaded
Open this post in threaded view
|

Re: Opensmtpd authentication error

Edgar Pettijohn III-2


On 03/07/18 16:25, flipchan wrote:

> Okey i installed opensmtpd-extra and tried a cleaner smtpd.conf file:
> dpaste.com/255DGXH.txt
>
> Same authentication failed when i try in mutt
>
> On March 7, 2018 9:25:18 PM UTC, [hidden email] wrote:
>
>     You have to install opensmtpd-extras package to use the passwd table.
>     On Mar 7, 2018 3:21 PM, flipchan <[hidden email]> wrote:
>
>         Yeah, they are encrypted using smtpctl and the syntax with
>         space doesnt work and in other ppls configurations they have
>         passwd instead of file but its not supported anymore it seems
>         like On March 7, 2018 3:19:18 PM UTC, trondd
>         <[hidden email]> wrote:
>
>             On Wed, March 7, 2018 10:06 am, flipchan wrote:
>
>                 smtpctl encrypt mypassword Then syntax user:password ?
>                 On March 6, 2018 9:46:26 PM UTC, trondd
>                 <[hidden email]>
>
>             wrote:
>
>                     On Tue, March 6, 2018 1:48 pm, flipchan wrote:
>
>                         Hello, im trying to create a mail server and i
>                         keep getting opensmtpd authentication fail i
>                         tried using neomutt and regular mutt, but no
>                         success tail -f /var/log/maillog Mar  6
>                         18:15:37 mail dovecot: imap-login: Login:
>
>                     user=<[hidden email]>,
>
>                         method=PLAIN, rip=homeip, lip=server,
>                         mpid=54071, TLS, session=<GUjwbcJm/VRe/m7Z>
>                         Mar  6 18:15:48 mail dovecot: imap-login: Login:
>
>                     user=<[hidden email]>,
>
>                         method=PLAIN, rip=homeip, lip=server,
>                         mpid=11081, TLS, session=<LwGSbsJm7oRe/m7Z>
>                         Mar  6 18:15:55 mail smtpd[77144]:
>                         7b289a2a8f3efe40 smtp
>
>                     event=connected
>
>                         address=homeip host=homeip Mar  6 18:15:55
>                         mail smtpd[77144]: 7b289a2a8f3efe40 smtp
>
>                     event=starttls
>
>                         address=homeip host=homeip
>                         ciphers="version=TLSv1.2,
>                         cipher=ECDHE-RSA-AES256-GCM-SHA384, bits=256"
>                         Mar  6 18:15:55 mail smtpd[77144]:
>                         7b289a2a8f3efe40 smtp event=authentication
>                         user=user address=homeip host=homeip
>
>                     result=permfail
>
>                         Mar  6 18:15:56 mail smtpd[77144]:
>                         7b289a2a8f3efe40 smtp event=failed-command
>                         address=homeip host=homeip command="AUTH PLAIN
>
>                     (...)"
>
>                         result="535 Authentication failed" Mar  6
>                         18:15:57 mail smtpd[77144]: 7b289a2a8f3efe40 smtp
>
>             event=closed
>
>                         address=homeip host=homeip reason=disconnect
>                         dovecot works so i can get imap but opensmtpd
>                         does work im using openbsd6.2 # cat
>                         /etc/mail/smtpd.conf pki mail.mysite.com
>                         certificate "/etc/ssl/mail.mysite.com.crt" pki
>                         mail.mysite.com key
>                         "/etc/ssl/private/mail.mysite.com.key" #
>                         tables setup table aliases
>                         file:/etc/mail/aliases table domains
>                         file:/etc/mail/domains table passwd
>                         file:/etc/mail/passwd table virtuals
>                         file:/etc/mail/virtuals # listen ports setup
>                         #listen on lo0 listen on vio0 port 25
>                         tls-require pki mail.mysite.com #listen on
>                         vio0 port 587 tls-require pki mail.mysite.com
>                         auth
>
>                     <passwd>
>
>                         listen on vio0 port 587 smtps pki
>                         mail.mysite.com auth <passwd> # special case
>                         for gmail to avoid ipv6 here #limit mta for
>                         domain gmail.com inet4 # allow local messages
>                         accept from local for local alias <aliases>
>                         deliver to lmtp "/var/dovecot/lmtp" rcpt-to #
>                         allow virtual domains accept from any for
>                         domain <domains> virtual <virtuals> deliver to
>
>                     lmtp
>
>                         "/var/dovecot/lmtp" rcpt-to # allow outgoing
>                         mails accept from local for any relay #reject
>                         from ! source <other-relays> sender
>                         "@mysite.com" for any both dovecot and smtpd
>                         reads passwd's from /etc/mail/passwd and
>
>             only
>
>                         dovecot works, think its some kind of smtpd
>                         config that is wrong...
>
>                     Is the password encrypted properly?    In a
>                     listener context, the credentials are a mapping of
>                     username
>
>             and
>
>                          encrypted passwords:            user1
>                     $2b$10$hIJ4QfMcp.90nJwKqGbKM.MybArjHOTpEtoTV.DgLYAiThuoYmTSe
>                                user2
>                     $2b$10$bwSmUOBGcZGamIfRuXGTvuTo3VLbPG9k5yeKNMBtULBhksV5KdGsK
>                          The passwords are to be encrypted using the
>                     smtpctl(8) encrypt      subcommand.
>
>                 -- Take Care Sincerely flipchan layerprox dev
>
>             This comes from the table(5) man page. The file will be:
>             username encryptedpassword
>
>         -- Take Care Sincerely flipchan layerprox dev
>
>
>
> --
> Take Care Sincerely flipchan layerprox dev

Remove mutt from the equation:

perl -MMIME::Base64 -e 'print
encode_base64("*\000*user\@domain.com*\000*plaintextpassword")'
save output from above for later

openssl s_client -starttls smtp -crlf -connect 1.2.3.4:587 I'm not an
openssl expert I use the above when testing. Your mileage may vary. lots
of output.... CONNECTED(SOMENUMBERS) >>>user input <<<server response
 >>>ehlo itsme.org <<<250-mail.pettijohn-web.com Hello itsme.org
[50.59.65.45], pleased to meet you <<<250-8BITMIME
<<<250-ENHANCEDSTATUSCODES <<<250-SIZE 36700160 <<<250-DSN <<<250-AUTH
PLAIN LOGIN <<<250 HELP >>>auth plain <<<334
 >>>AGVkZ2FyQHBl789am9obi13ZWIuY29tADY3Q29ydmFpciE= (from the above perl
command) <<<235 2.0.0: Authentication succeeded >>>mail
from:<[hidden email]> <<<250 2.0.0: Ok >>>rcpt
to:<[hidden email]> <<<250 2.1.5 Destination address valid:
Recipient ok >>>data <<<354 Enter mail, end with "." on a line by itself
 >>>To: Edgar >>>From: Edgar >>>Subject: cli auth >>>it works >>>.
<<<250 2.0.0: 65a74964 Message accepted for delivery



Reply | Threaded
Open this post in threaded view
|

Re: Opensmtpd authentication error

Edgar Pettijohn III-2


On 03/07/18 17:35, Edgar Pettijohn wrote:

>
>
> On 03/07/18 16:25, flipchan wrote:
>> Okey i installed opensmtpd-extra and tried a cleaner smtpd.conf file:
>> dpaste.com/255DGXH.txt
>>
>> Same authentication failed when i try in mutt
>>
>> On March 7, 2018 9:25:18 PM UTC, [hidden email] wrote:
>>
>>     You have to install opensmtpd-extras package to use the passwd
>> table.
>>     On Mar 7, 2018 3:21 PM, flipchan <[hidden email]> wrote:
>>
>>         Yeah, they are encrypted using smtpctl and the syntax with
>>         space doesnt work and in other ppls configurations they have
>>         passwd instead of file but its not supported anymore it seems
>>         like On March 7, 2018 3:19:18 PM UTC, trondd
>>         <[hidden email]> wrote:
>>
>>             On Wed, March 7, 2018 10:06 am, flipchan wrote:
>>
>>                 smtpctl encrypt mypassword Then syntax user:password ?
>>                 On March 6, 2018 9:46:26 PM UTC, trondd
>>                 <[hidden email]>
>>             wrote:
>>
>>                     On Tue, March 6, 2018 1:48 pm, flipchan wrote:
>>
>>                         Hello, im trying to create a mail server and i
>>                         keep getting opensmtpd authentication fail i
>>                         tried using neomutt and regular mutt, but no
>>                         success tail -f /var/log/maillog Mar  6
>>                         18:15:37 mail dovecot: imap-login: Login:
>>                     user=<[hidden email]>,
>>
>>                         method=PLAIN, rip=homeip, lip=server,
>>                         mpid=54071, TLS, session=<GUjwbcJm/VRe/m7Z>
>>                         Mar  6 18:15:48 mail dovecot: imap-login: Login:
>>                     user=<[hidden email]>,
>>
>>                         method=PLAIN, rip=homeip, lip=server,
>>                         mpid=11081, TLS, session=<LwGSbsJm7oRe/m7Z>
>>                         Mar  6 18:15:55 mail smtpd[77144]:
>>                         7b289a2a8f3efe40 smtp
>>                     event=connected
>>
>>                         address=homeip host=homeip Mar  6 18:15:55
>>                         mail smtpd[77144]: 7b289a2a8f3efe40 smtp
>>                     event=starttls
>>
>>                         address=homeip host=homeip
>>                         ciphers="version=TLSv1.2,
>>                         cipher=ECDHE-RSA-AES256-GCM-SHA384, bits=256"
>>                         Mar  6 18:15:55 mail smtpd[77144]:
>>                         7b289a2a8f3efe40 smtp event=authentication
>>                         user=user address=homeip host=homeip
>>                     result=permfail
>>
>>                         Mar  6 18:15:56 mail smtpd[77144]:
>>                         7b289a2a8f3efe40 smtp event=failed-command
>>                         address=homeip host=homeip command="AUTH PLAIN
>>                     (...)"
>>
>>                         result="535 Authentication failed" Mar 6
>>                         18:15:57 mail smtpd[77144]: 7b289a2a8f3efe40
>> smtp
>>             event=closed
>>
>>                         address=homeip host=homeip reason=disconnect
>>                         dovecot works so i can get imap but opensmtpd
>>                         does work im using openbsd6.2 # cat
>>                         /etc/mail/smtpd.conf pki mail.mysite.com
>>                         certificate "/etc/ssl/mail.mysite.com.crt" pki
>>                         mail.mysite.com key
>>                         "/etc/ssl/private/mail.mysite.com.key" #
>>                         tables setup table aliases
>>                         file:/etc/mail/aliases table domains
>>                         file:/etc/mail/domains table passwd
>>                         file:/etc/mail/passwd table virtuals
>>                         file:/etc/mail/virtuals # listen ports setup
>>                         #listen on lo0 listen on vio0 port 25
>>                         tls-require pki mail.mysite.com #listen on
>>                         vio0 port 587 tls-require pki mail.mysite.com
>>                         auth
>>                     <passwd>
>>
>>                         listen on vio0 port 587 smtps pki
>>                         mail.mysite.com auth <passwd> # special case
>>                         for gmail to avoid ipv6 here #limit mta for
>>                         domain gmail.com inet4 # allow local messages
>>                         accept from local for local alias <aliases>
>>                         deliver to lmtp "/var/dovecot/lmtp" rcpt-to #
>>                         allow virtual domains accept from any for
>>                         domain <domains> virtual <virtuals> deliver to
>>                     lmtp
>>
>>                         "/var/dovecot/lmtp" rcpt-to # allow outgoing
>>                         mails accept from local for any relay #reject
>>                         from ! source <other-relays> sender
>>                         "@mysite.com" for any both dovecot and smtpd
>>                         reads passwd's from /etc/mail/passwd and
>>             only
>>
>>                         dovecot works, think its some kind of smtpd
>>                         config that is wrong...
>>
>>                     Is the password encrypted properly?    In a
>>                     listener context, the credentials are a mapping of
>>                     username
>>             and
>>
>>                          encrypted passwords:            user1
>> $2b$10$hIJ4QfMcp.90nJwKqGbKM.MybArjHOTpEtoTV.DgLYAiThuoYmTSe
>>                                user2
>> $2b$10$bwSmUOBGcZGamIfRuXGTvuTo3VLbPG9k5yeKNMBtULBhksV5KdGsK
>>                          The passwords are to be encrypted using the
>>                     smtpctl(8) encrypt      subcommand.
>>                 -- Take Care Sincerely flipchan layerprox dev
>>
>>             This comes from the table(5) man page. The file will be:
>>             username encryptedpassword
>>         -- Take Care Sincerely flipchan layerprox dev
>>
>>
>> --
>> Take Care Sincerely flipchan layerprox dev
>
Sorry apparently my '/n's disappeared :(
> Remove mutt from the equation:
>
> perl -MMIME::Base64 -e 'print
> encode_base64("*\000*user\@domain.com*\000*plaintextpassword")'
> save output from above for later
>
> openssl s_client -starttls smtp -crlf -connect 1.2.3.4:587

> I'm not an openssl expert I use the above when testing. Your mileage
> may vary.

> lots of output....

> CONNECTED(SOMENUMBERS)

> >>>user input

> <<<server response

> >>>ehlo itsme.org

> <<<250-mail.pettijohn-web.com Hello itsme.org [50.59.65.45], pleased
> to meet you

> <<<250-8BITMIME

> <<<250-ENHANCEDSTATUSCODES

> <<<250-SIZE 36700160

> <<<250-DSN

> <<<250-AUTH PLAIN LOGIN

> <<<250 HELP

> >>>auth plain

> <<<334

> >>>AGVkZ2FyQHBl789am9obi13ZWIuY29tADY3Q29ydmFpciE= (from the above
> perl command)

> <<<235 2.0.0: Authentication succeeded

> >>>mail from:<[hidden email]>

> <<<250 2.0.0: Ok

> >>>rcpt to:<[hidden email]>

> <<<250 2.1.5 Destination address valid: Recipient ok

> >>>data

> <<<354 Enter mail, end with "." on a line by itself

> >>>To: Edgar

> >>>From: Edgar

> >>>Subject: cli auth

> >>>it works

> >>>.

> <<<250 2.0.0: 65a74964 Message accepted for delivery
>
>
>
Damn thunderbird. My apologies to all who endure reading the above.