Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SASL authentication failed in Mail relay rules by recipient #7069

Closed
DavidePrincipi opened this issue Oct 22, 2024 · 7 comments
Closed

SASL authentication failed in Mail relay rules by recipient #7069

DavidePrincipi opened this issue Oct 22, 2024 · 7 comments
Assignees
@nrauso
Labels
verified All test cases were verified successfully
Milestone
NethServer 8.3

Comments

@DavidePrincipi
Copy link
Member

DavidePrincipi commented Oct 22, 2024
edited
Loading

The Mail Relay rules page allows defining recipient-based relay rules, where each rule can have its own relay host and credentials settings. When using the same relay host for different recipients, the Postfix SMTP client fails to deliver the message, showing a "SASL authentication failed" error. The message stays in the queue.

Steps to reproduce

  • Configure multiple recipient relay rules using the same relay host.
  • Attempt to send a message through the relay.

image

Expected behavior

The message is delivered successfully.

Actual behavior

The message remains in the queue with the error "SASL authentication failed."

With increased Postfix verbosity1, similar lines are sent to the log:

Nov 19 11:16:19 rl1 postfix/smtp[88768]: maps_find: smtp_sasl_password_maps: sqlite:/etc/postfix/main.cf.d/relaycredentials.sqlite(0,lock|fold_fix|utf8_request): [host15001.test]:15001 = user15001:pass1,user15002:pass2,user15003:pass3
Nov 19 11:16:19 rl1 postfix/smtp[88768]: smtp_sasl_passwd_lookup: host `host15001.test' user `user15001' pass `pass1,user15002:pass2,user15003:pass3'

Components

  • mail 1.4.7

See also

Discussion https://mattermost.nethesis.it/nethesis/pl/w9wbrq7p83go5e5ga94oauxsbe

Thanks to @nrauso

Footnotes

  1. POSTFIX_DEBUG=4 reload-config See https://github.com/NethServer/ns8-mail/tree/main/postfix#environment-variables

@DavidePrincipi DavidePrincipi self-assigned this Oct 22, 2024
@DavidePrincipi DavidePrincipi moved this from Ready to In progress in NethServer Oct 24, 2024
@xtremepc
Copy link

xtremepc commented Nov 5, 2024

Good evening, I also have this problem, I tried to go to the link but it asks me for an account, how can I see the solution?

@DavidePrincipi
Copy link
Member Author

The link to Nethesis team private chat does not give any solution to this bug. For now it only leads to this bug report. You'll see this bug with "testing" label when we have one.

@DavidePrincipi DavidePrincipi added this to the NethServer M8.3 milestone Nov 7, 2024
@gsanchietti gsanchietti removed the bug label Nov 14, 2024
@DavidePrincipi DavidePrincipi mentioned this issue Nov 19, 2024
Merged
DavidePrincipi added a commit to NethServer/ns8-mail that referenced this issue Nov 20, 2024
@DavidePrincipi
Merge pull request #142 from NethServer/bug-7069
c921591 
Fix relay rule credential handling

Refs NethServer/dev#7069
@DavidePrincipi DavidePrincipi removed their assignment Nov 20, 2024
@DavidePrincipi DavidePrincipi added the testing Packages are available from testing repositories label Nov 20, 2024
@nethbot nethbot moved this from In progress to Testing in NethServer Nov 20, 2024
@DavidePrincipi
Copy link
Member Author

DavidePrincipi commented Nov 20, 2024
edited
Loading

Test case

  1. Check the bug is not reproducible with testing release of Mail 1.4.10-dev.1.

  2. Ensure there is no regression in other rule Add and Modify scenarios, for all types of rules.

@nrauso nrauso self-assigned this Nov 20, 2024
@DavidePrincipi DavidePrincipi mentioned this issue Nov 21, 2024
Merged
DavidePrincipi pushed a commit to NethServer/ns8-mail that referenced this issue Nov 21, 2024
@weblate
Translated with Weblate (#143)
70cf181 
Translate-URL: https://hosted.weblate.org/projects/ns8/mail/de/
Translate-URL: https://hosted.weblate.org/projects/ns8/mail/es/
Translate-URL: https://hosted.weblate.org/projects/ns8/mail/eu/
Translate-URL: https://hosted.weblate.org/projects/ns8/mail/it/
Translate-URL: https://hosted.weblate.org/projects/ns8/mail/pt/
Translate-URL: https://hosted.weblate.org/projects/ns8/mail/pt_BR/
Translation: NS8/mail

Co-authored-by: Davide Principi <[email protected]>
Co-authored-by: LibreTranslate <[email protected]>
Co-authored-by: Prefill add-on <[email protected]>

Refs NethServer/dev#7069
@nrauso nrauso removed the testing Packages are available from testing repositories label Nov 21, 2024
@DavidePrincipi DavidePrincipi moved this from Testing to In Progress in NethServer Nov 21, 2024
@DavidePrincipi DavidePrincipi mentioned this issue Nov 25, 2024
Merged
1 task
DavidePrincipi added a commit to NethServer/ns8-mail that referenced this issue Nov 25, 2024
@DavidePrincipi
Fix wildcard relay rule (#144)
7bbd14f 
Fix Postfix configuration to implement its builtin rule evaluation order:

1. Recipient rules, by domain or full address
2. Sender rules, by domain or full address
3. Wildcard rule, if none of the above matches

Refs NethServer/dev#7069
@DavidePrincipi
Copy link
Member Author

In testing, 1.4.10-dev.3

Repeat the previous test cases. Ensure the behavior is consistent with the previous comment and NethServer/ns8-docs#128

@DavidePrincipi DavidePrincipi added the testing Packages are available from testing repositories label Nov 25, 2024
@DavidePrincipi DavidePrincipi removed their assignment Nov 25, 2024
@nethbot nethbot moved this from In Progress to Testing in NethServer Nov 25, 2024
@nrauso nrauso self-assigned this Nov 26, 2024
DavidePrincipi added a commit to NethServer/ns8-mail that referenced this issue Nov 26, 2024
@DavidePrincipi
Fix add-relay-rule for non-sender rules
67bd45f 
Settings must be copied across different rule types: in case of Default
and Recipient settings are shared. This aligns the add-relay-rule action
behavior to the correct behavior of alter-relay-rule.

Refs NethServer/dev#7069
@DavidePrincipi
Copy link
Member Author

DavidePrincipi commented Nov 26, 2024
edited
Loading

In testing, 1.4.10-dev.4

  • When a Recipient relay rule is added, existing Default rule settings (Credentials, TLS) are synchronized with it
  • When the Default relay rule is added, existing Recipient rule settings (Credentials, TLS) are synchronized with it

@stephdl stephdl mentioned this issue Nov 26, 2024
Closed
@nrauso
Copy link

nrauso commented Nov 26, 2024

test cases: VERIFIED

@nrauso nrauso added verified All test cases were verified successfully and removed testing Packages are available from testing repositories labels Nov 26, 2024
@nethbot nethbot moved this from Testing to In Progress in NethServer Nov 26, 2024
@nethbot nethbot moved this from In Progress to Verified in NethServer Nov 26, 2024
@DavidePrincipi
Copy link
Member Author

Released in https://github.com/NethServer/ns8-mail/releases/tag/1.4.10

@github-project-automation github-project-automation bot moved this from Verified to Done in NethServer Nov 26, 2024
DavidePrincipi added a commit to NethServer/ns8-docs that referenced this issue Nov 26, 2024
@DavidePrincipi
Merge pull request #128 from NethServer/bug-7069
6244f92 
Clarify behavior of rule updates in mail relay

Refs NethServer/dev#7069
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@nrauso nrauso

Labels
verified All test cases were verified successfully
Projects
NethServer
Archived in project
Milestone
NethServer 8.3
Development

No branches or pull requests
4 participants
@gsanchietti @DavidePrincipi @nrauso @xtremepc